{"url":"http://public2.vulnerablecode.io/api/packages/476166?format=json","purl":"pkg:apk/alpine/webkit2gtk@2.18.4-r0?arch=armhf&distroversion=v3.19&reponame=community","type":"apk","namespace":"alpine","name":"webkit2gtk","version":"2.18.4-r0","qualifiers":{"arch":"armhf","distroversion":"v3.19","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.22.4-r0","latest_non_vulnerable_version":"2.36.5-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/104266?format=json","vulnerability_id":"VCID-91y5-h3dr-jqh4","summary":"An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13856.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13856.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13856","reference_id":"","reference_type":"","scores":[{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76722","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.767","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83915","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83918","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83913","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83892","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13856"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1527747","reference_id":"1527747","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1527747"},{"reference_url":"https://security.gentoo.org/glsa/201801-09","reference_id":"GLSA-201801-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-09"},{"reference_url":"https://usn.ubuntu.com/3514-1/","reference_id":"USN-3514-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3514-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/476166?format=json","purl":"pkg:apk/alpine/webkit2gtk@2.18.4-r0?arch=armhf&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.18.4-r0%3Farch=armhf&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2017-13856"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91y5-h3dr-jqh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/104269?format=json","vulnerability_id":"VCID-ar4k-6ngw-wubj","summary":"An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13870.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13870.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13870","reference_id":"","reference_type":"","scores":[{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83892","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83917","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83913","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83903","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83915","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83918","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13870"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13870","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13870"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1527757","reference_id":"1527757","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1527757"},{"reference_url":"https://security.gentoo.org/glsa/201801-09","reference_id":"GLSA-201801-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-09"},{"reference_url":"https://usn.ubuntu.com/3514-1/","reference_id":"USN-3514-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3514-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/476166?format=json","purl":"pkg:apk/alpine/webkit2gtk@2.18.4-r0?arch=armhf&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.18.4-r0%3Farch=armhf&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2017-13870"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ar4k-6ngw-wubj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/104408?format=json","vulnerability_id":"VCID-skbt-pqsk-33b3","summary":"An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7157.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7157.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7157","reference_id":"","reference_type":"","scores":[{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83892","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83917","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83913","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83903","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83915","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83918","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7157"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1527760","reference_id":"1527760","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1527760"},{"reference_url":"https://security.gentoo.org/glsa/201801-09","reference_id":"GLSA-201801-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-09"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/476166?format=json","purl":"pkg:apk/alpine/webkit2gtk@2.18.4-r0?arch=armhf&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.18.4-r0%3Farch=armhf&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2017-7157"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-skbt-pqsk-33b3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/104267?format=json","vulnerability_id":"VCID-u54k-r36u-z7h9","summary":"An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13866.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13866.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13866","reference_id":"","reference_type":"","scores":[{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83892","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83917","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83913","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83903","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83915","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83918","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13866"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13866","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13866"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1527756","reference_id":"1527756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1527756"},{"reference_url":"https://security.gentoo.org/glsa/201801-09","reference_id":"GLSA-201801-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-09"},{"reference_url":"https://usn.ubuntu.com/3514-1/","reference_id":"USN-3514-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3514-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/476166?format=json","purl":"pkg:apk/alpine/webkit2gtk@2.18.4-r0?arch=armhf&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.18.4-r0%3Farch=armhf&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2017-13866"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u54k-r36u-z7h9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/104407?format=json","vulnerability_id":"VCID-yvw5-2jfz-43br","summary":"An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7156.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7156.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7156","reference_id":"","reference_type":"","scores":[{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76687","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.767","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76722","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76711","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76716","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7156"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1527759","reference_id":"1527759","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1527759"},{"reference_url":"https://security.gentoo.org/glsa/201801-09","reference_id":"GLSA-201801-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-09"},{"reference_url":"https://usn.ubuntu.com/3514-1/","reference_id":"USN-3514-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3514-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/476166?format=json","purl":"pkg:apk/alpine/webkit2gtk@2.18.4-r0?arch=armhf&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.18.4-r0%3Farch=armhf&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2017-7156"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yvw5-2jfz-43br"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.18.4-r0%3Farch=armhf&distroversion=v3.19&reponame=community"}