Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/390727?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "type": "apk", "namespace": "alpine", "name": "webkit2gtk", "version": "2.14.5-r0", "qualifiers": { "arch": "armv7", "distroversion": "v3.20", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.18.4-r0", "latest_non_vulnerable_version": "2.36.5-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104283?format=api", "vulnerability_id": "VCID-244k-u13j-5ued", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2369", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02245", "scoring_system": "epss", "scoring_elements": "0.84903", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02245", "scoring_system": "epss", "scoring_elements": "0.84902", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.02245", "scoring_system": "epss", "scoring_elements": "0.84898", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02245", "scoring_system": "epss", "scoring_elements": "0.84876", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02245", "scoring_system": "epss", "scoring_elements": "0.84897", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02245", "scoring_system": "epss", "scoring_elements": "0.84887", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2369" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2369" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=999", "reference_id": "CVE-2017-2369", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=999" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41215.html", "reference_id": "CVE-2017-2369", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41215.html" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2369" ], "risk_score": 6.8, "exploitability": "2.0", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-244k-u13j-5ued" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104285?format=api", "vulnerability_id": "VCID-2gur-bgqb-zqgm", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2373", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88486", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88504", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88506", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88505", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88522", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2373" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1038", "reference_id": "CVE-2017-2373", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1038" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41216.html", "reference_id": "CVE-2017-2373", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41216.html" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2373" ], "risk_score": 6.8, "exploitability": "2.0", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2gur-bgqb-zqgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104280?format=api", "vulnerability_id": "VCID-8yen-dgh8-afga", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2364", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11201", "scoring_system": "epss", "scoring_elements": "0.93651", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.11201", "scoring_system": "epss", "scoring_elements": "0.93656", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.11201", "scoring_system": "epss", "scoring_elements": "0.93652", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.11201", "scoring_system": "epss", "scoring_elements": "0.93642", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.11201", "scoring_system": "epss", "scoring_elements": "0.9365", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.11201", "scoring_system": "epss", "scoring_elements": "0.93649", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2364" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1056", "reference_id": "CVE-2017-2364", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1056" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/41799.html", "reference_id": "CVE-2017-2364", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/41799.html" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" }, { "reference_url": "https://usn.ubuntu.com/3257-1/", "reference_id": "USN-3257-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3257-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2364" ], "risk_score": 4.2, "exploitability": "2.0", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8yen-dgh8-afga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104274?format=api", "vulnerability_id": "VCID-auzs-v96t-zbab", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2350", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58538", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58585", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58594", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58587", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58572", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2350" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2350" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-auzs-v96t-zbab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104275?format=api", "vulnerability_id": "VCID-bmnp-tbb6-puec", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2354", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55089", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55083", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.5508", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55023", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55079", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55062", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2354" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2354" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bmnp-tbb6-puec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104281?format=api", "vulnerability_id": "VCID-cjth-f8ur-1uda", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2365", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1034", "scoring_system": "epss", "scoring_elements": "0.93335", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.1034", "scoring_system": "epss", "scoring_elements": "0.93339", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.1034", "scoring_system": "epss", "scoring_elements": "0.93333", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.1034", "scoring_system": "epss", "scoring_elements": "0.93322", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.1034", "scoring_system": "epss", "scoring_elements": "0.93332", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.1034", "scoring_system": "epss", "scoring_elements": "0.93331", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2365" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1057", "reference_id": "CVE-2017-2365;HT207485;HT207484;HT207482", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1057" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/41453.html", "reference_id": "CVE-2017-2365;HT207485;HT207484;HT207482", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/41453.html" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2365" ], "risk_score": 4.2, "exploitability": "2.0", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cjth-f8ur-1uda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104277?format=api", "vulnerability_id": "VCID-d3ah-66t6-1kay", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2356", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58555", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58548", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58546", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.585", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58547", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58533", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2356" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2356" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d3ah-66t6-1kay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104278?format=api", "vulnerability_id": "VCID-esqf-aazh-s7e4", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2362", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02558", "scoring_system": "epss", "scoring_elements": "0.8581", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02558", "scoring_system": "epss", "scoring_elements": "0.85806", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.02558", "scoring_system": "epss", "scoring_elements": "0.85808", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02558", "scoring_system": "epss", "scoring_elements": "0.85786", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02558", "scoring_system": "epss", "scoring_elements": "0.85807", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02558", "scoring_system": "epss", "scoring_elements": "0.85792", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2362" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1044", "reference_id": "CVE-2017-2362", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1044" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/41213.html", "reference_id": "CVE-2017-2362", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/41213.html" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2362" ], "risk_score": 6.8, "exploitability": "2.0", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-esqf-aazh-s7e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104282?format=api", "vulnerability_id": "VCID-qhs5-kw44-fbdh", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2366", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59942", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59934", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59939", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.5989", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59933", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59915", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2366" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qhs5-kw44-fbdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104279?format=api", "vulnerability_id": "VCID-r9qm-9pzj-mbed", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2363", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12341", "scoring_system": "epss", "scoring_elements": "0.94009", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.12341", "scoring_system": "epss", "scoring_elements": "0.94018", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.12341", "scoring_system": "epss", "scoring_elements": "0.94017", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.12341", "scoring_system": "epss", "scoring_elements": "0.94019", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.12341", "scoring_system": "epss", "scoring_elements": "0.94023", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1049", "reference_id": "CVE-2017-2363;HT207487;HT207485;HT207484;HT207482", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1049" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/macos/webapps/41449.html", "reference_id": "CVE-2017-2363;HT207487;HT207485;HT207484;HT207482", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/macos/webapps/41449.html" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2363" ], "risk_score": 4.2, "exploitability": "2.0", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r9qm-9pzj-mbed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104284?format=api", "vulnerability_id": "VCID-s9xg-273a-vbcf", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the \"WebKit\" component, which allows remote attackers to launch popups via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2371", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06793", "scoring_system": "epss", "scoring_elements": "0.91493", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.06793", "scoring_system": "epss", "scoring_elements": "0.91502", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.06793", "scoring_system": "epss", "scoring_elements": "0.91491", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.06793", "scoring_system": "epss", "scoring_elements": "0.91478", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.06793", "scoring_system": "epss", "scoring_elements": "0.9149", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.06793", "scoring_system": "epss", "scoring_elements": "0.91487", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2371" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1050", "reference_id": "CVE-2017-2371;HT207482", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1050" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/41451.html", "reference_id": "CVE-2017-2371;HT207482", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/41451.html" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2371" ], "risk_score": 4.2, "exploitability": "2.0", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s9xg-273a-vbcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104276?format=api", "vulnerability_id": "VCID-sx7v-ryw5-gkdq", "summary": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46553", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46518", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46552", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46486", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46532", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46506", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2355" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201706-15", "reference_id": "GLSA-201706-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-15" }, { "reference_url": "https://usn.ubuntu.com/3200-1/", "reference_id": "USN-3200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390727?format=api", "purl": "pkg:apk/alpine/webkit2gtk@2.14.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2017-2355" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sx7v-ryw5-gkdq" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.14.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" }