{"url":"http://public2.vulnerablecode.io/api/packages/457004?format=json","purl":"pkg:apk/alpine/wireshark@2.2.6-r0?arch=armhf&distroversion=v3.17&reponame=community","type":"apk","namespace":"alpine","name":"wireshark","version":"2.2.6-r0","qualifiers":{"arch":"armhf","distroversion":"v3.17","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.2.7-r0","latest_non_vulnerable_version":"3.6.8-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105224?format=json","vulnerability_id":"VCID-3nyc-ahsd-zycq","summary":"In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7705.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7705","reference_id":"","reference_type":"","scores":[{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67616","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67628","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67618","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67601","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67739","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67779","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7705"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441972","reference_id":"1441972","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441972"},{"reference_url":"https://security.gentoo.org/glsa/201706-12","reference_id":"GLSA-201706-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/457004?format=json","purl":"pkg:apk/alpine/wireshark@2.2.6-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.6-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-7705"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nyc-ahsd-zycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105218?format=json","vulnerability_id":"VCID-84ba-yfr9-x7bp","summary":"In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7700.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7700","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51805","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51839","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51851","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.5182","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51864","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51873","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7700"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7700","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7700"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441971","reference_id":"1441971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441971"},{"reference_url":"https://security.gentoo.org/glsa/201706-12","reference_id":"GLSA-201706-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/457004?format=json","purl":"pkg:apk/alpine/wireshark@2.2.6-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.6-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-7700"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84ba-yfr9-x7bp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105222?format=json","vulnerability_id":"VCID-9f66-rcng-qfdu","summary":"In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7703.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7703.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7703","reference_id":"","reference_type":"","scores":[{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.76291","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.76326","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.76313","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.76302","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.76317","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.76319","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7703"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7703","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7703"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441969","reference_id":"1441969","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441969"},{"reference_url":"https://security.gentoo.org/glsa/201706-12","reference_id":"GLSA-201706-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/457004?format=json","purl":"pkg:apk/alpine/wireshark@2.2.6-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.6-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-7703"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9f66-rcng-qfdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105220?format=json","vulnerability_id":"VCID-bs5s-3wbm-2ueb","summary":"In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7701.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7701.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7701","reference_id":"","reference_type":"","scores":[{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72272","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72311","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.723","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72285","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72314","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.7232","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7701"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7701","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7701"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441973","reference_id":"1441973","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441973"},{"reference_url":"https://security.gentoo.org/glsa/201706-12","reference_id":"GLSA-201706-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/457004?format=json","purl":"pkg:apk/alpine/wireshark@2.2.6-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.6-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-7701"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bs5s-3wbm-2ueb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105221?format=json","vulnerability_id":"VCID-kyww-pm96-yfgb","summary":"In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7702.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7702.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7702","reference_id":"","reference_type":"","scores":[{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.6758","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67616","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67628","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67618","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67601","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67621","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7702"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7702","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7702"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441970","reference_id":"1441970","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441970"},{"reference_url":"https://security.archlinux.org/ASA-201707-28","reference_id":"ASA-201707-28","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-28"},{"reference_url":"https://security.archlinux.org/AVG-356","reference_id":"AVG-356","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-356"},{"reference_url":"https://security.gentoo.org/glsa/201706-12","reference_id":"GLSA-201706-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/457004?format=json","purl":"pkg:apk/alpine/wireshark@2.2.6-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.6-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-7702"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kyww-pm96-yfgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105223?format=json","vulnerability_id":"VCID-xz2z-ewyj-67bh","summary":"In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7704.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7704","reference_id":"","reference_type":"","scores":[{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72272","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72311","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.723","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72285","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72314","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.7232","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7704"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441975","reference_id":"1441975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441975"},{"reference_url":"https://security.gentoo.org/glsa/201706-12","reference_id":"GLSA-201706-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/457004?format=json","purl":"pkg:apk/alpine/wireshark@2.2.6-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.6-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-7704"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xz2z-ewyj-67bh"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.6-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}