{"url":"http://public2.vulnerablecode.io/api/packages/5821?format=json","purl":"pkg:deb/debian/tcpreplay@3.4.4-2","type":"deb","namespace":"debian","name":"tcpreplay","version":"3.4.4-2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.5.2-1","latest_non_vulnerable_version":"4.5.2-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102057?format=json","vulnerability_id":"VCID-4n7j-r5az-7ubn","summary":"Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20552","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43885","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43955","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43964","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43939","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43904","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43914","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20552"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20552","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20552"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917574","reference_id":"917574","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917574"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5824?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a68t-cu78-duay"},{"vulnerability":"VCID-akvk-777h-qyej"},{"vulnerability":"VCID-ecxu-484v-xygm"},{"vulnerability":"VCID-gprh-wzs6-57cj"},{"vulnerability":"VCID-u4q2-42mf-jfga"},{"vulnerability":"VCID-veqv-p9ca-eyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-20552"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4n7j-r5az-7ubn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102054?format=json","vulnerability_id":"VCID-7web-fj9b-mybg","summary":"A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18407","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51827","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51885","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51894","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51873","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51842","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51861","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18407"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911454","reference_id":"911454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911454"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5824?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a68t-cu78-duay"},{"vulnerability":"VCID-akvk-777h-qyej"},{"vulnerability":"VCID-ecxu-484v-xygm"},{"vulnerability":"VCID-gprh-wzs6-57cj"},{"vulnerability":"VCID-u4q2-42mf-jfga"},{"vulnerability":"VCID-veqv-p9ca-eyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-18407"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7web-fj9b-mybg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102048?format=json","vulnerability_id":"VCID-9j2g-f6t3-3bg5","summary":"tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6160","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70417","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70458","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70467","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.7045","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70438","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70461","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6160"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829350","reference_id":"829350","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829350"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5823?format=json","purl":"pkg:deb/debian/tcpreplay@3.4.4-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4n7j-r5az-7ubn"},{"vulnerability":"VCID-7web-fj9b-mybg"},{"vulnerability":"VCID-a68t-cu78-duay"},{"vulnerability":"VCID-akvk-777h-qyej"},{"vulnerability":"VCID-d1b3-k5c8-tffv"},{"vulnerability":"VCID-ecxu-484v-xygm"},{"vulnerability":"VCID-gprh-wzs6-57cj"},{"vulnerability":"VCID-gvg4-ghcz-r7h5"},{"vulnerability":"VCID-hw45-wrab-r3e9"},{"vulnerability":"VCID-pmqf-2y4d-gfb2"},{"vulnerability":"VCID-qxpq-9dnq-9kdb"},{"vulnerability":"VCID-u4q2-42mf-jfga"},{"vulnerability":"VCID-veqv-p9ca-eyee"},{"vulnerability":"VCID-y4wh-5hg3-k7ec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@3.4.4-3"}],"aliases":["CVE-2016-6160"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9j2g-f6t3-3bg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102062?format=json","vulnerability_id":"VCID-a68t-cu78-duay","summary":"Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-23273","reference_id":"","reference_type":"","scores":[{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36743","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36835","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36841","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36806","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36768","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36781","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-23273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23273"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5825?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4r9m-bgcb-5qh8"},{"vulnerability":"VCID-5cau-18mr-kuan"},{"vulnerability":"VCID-7x5v-269w-k7dk"},{"vulnerability":"VCID-8mb3-jqas-d3ct"},{"vulnerability":"VCID-9353-9rs4-aya8"},{"vulnerability":"VCID-aa6z-puc9-b7et"},{"vulnerability":"VCID-aarc-k2zj-43ct"},{"vulnerability":"VCID-advk-e3w8-4fdp"},{"vulnerability":"VCID-b7p8-vv49-qqgu"},{"vulnerability":"VCID-bfbt-mv5d-vkhy"},{"vulnerability":"VCID-bk8t-sj6f-fyau"},{"vulnerability":"VCID-cj8f-yw83-c7hj"},{"vulnerability":"VCID-dm4j-kbxb-gbed"},{"vulnerability":"VCID-fb3w-p83c-yfdm"},{"vulnerability":"VCID-hcyv-wr46-dffs"},{"vulnerability":"VCID-k5bg-hqhm-6kg2"},{"vulnerability":"VCID-kp1j-h1mf-auap"},{"vulnerability":"VCID-m5h4-rgz8-57ak"},{"vulnerability":"VCID-mwj4-7bcn-3ygx"},{"vulnerability":"VCID-pvjf-3wcs-2ffy"},{"vulnerability":"VCID-q6td-s3sz-s7cj"},{"vulnerability":"VCID-ryv8-acv5-t7h8"},{"vulnerability":"VCID-rz31-v75n-wkc8"},{"vulnerability":"VCID-s9g8-sckb-tkfw"},{"vulnerability":"VCID-tp3u-gh67-kqg2"},{"vulnerability":"VCID-ttcc-5rsd-xyfy"},{"vulnerability":"VCID-u3h9-v2d6-akbm"},{"vulnerability":"VCID-v7qj-czys-37dy"},{"vulnerability":"VCID-vkhr-4x7z-nbc3"},{"vulnerability":"VCID-xy9w-6kw6-gufu"},{"vulnerability":"VCID-ynar-9vnj-sbge"},{"vulnerability":"VCID-zs6u-hmvq-3bd8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2020-23273"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a68t-cu78-duay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6142?format=json","vulnerability_id":"VCID-akvk-777h-qyej","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8376","reference_id":"","reference_type":"","scores":[{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46736","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46667","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46733","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46699","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46717","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46689","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8376"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922624","reference_id":"922624","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922624"},{"reference_url":"https://security.archlinux.org/ASA-201905-5","reference_id":"ASA-201905-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-5"},{"reference_url":"https://security.archlinux.org/AVG-902","reference_id":"AVG-902","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5825?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4r9m-bgcb-5qh8"},{"vulnerability":"VCID-5cau-18mr-kuan"},{"vulnerability":"VCID-7x5v-269w-k7dk"},{"vulnerability":"VCID-8mb3-jqas-d3ct"},{"vulnerability":"VCID-9353-9rs4-aya8"},{"vulnerability":"VCID-aa6z-puc9-b7et"},{"vulnerability":"VCID-aarc-k2zj-43ct"},{"vulnerability":"VCID-advk-e3w8-4fdp"},{"vulnerability":"VCID-b7p8-vv49-qqgu"},{"vulnerability":"VCID-bfbt-mv5d-vkhy"},{"vulnerability":"VCID-bk8t-sj6f-fyau"},{"vulnerability":"VCID-cj8f-yw83-c7hj"},{"vulnerability":"VCID-dm4j-kbxb-gbed"},{"vulnerability":"VCID-fb3w-p83c-yfdm"},{"vulnerability":"VCID-hcyv-wr46-dffs"},{"vulnerability":"VCID-k5bg-hqhm-6kg2"},{"vulnerability":"VCID-kp1j-h1mf-auap"},{"vulnerability":"VCID-m5h4-rgz8-57ak"},{"vulnerability":"VCID-mwj4-7bcn-3ygx"},{"vulnerability":"VCID-pvjf-3wcs-2ffy"},{"vulnerability":"VCID-q6td-s3sz-s7cj"},{"vulnerability":"VCID-ryv8-acv5-t7h8"},{"vulnerability":"VCID-rz31-v75n-wkc8"},{"vulnerability":"VCID-s9g8-sckb-tkfw"},{"vulnerability":"VCID-tp3u-gh67-kqg2"},{"vulnerability":"VCID-ttcc-5rsd-xyfy"},{"vulnerability":"VCID-u3h9-v2d6-akbm"},{"vulnerability":"VCID-v7qj-czys-37dy"},{"vulnerability":"VCID-vkhr-4x7z-nbc3"},{"vulnerability":"VCID-xy9w-6kw6-gufu"},{"vulnerability":"VCID-ynar-9vnj-sbge"},{"vulnerability":"VCID-zs6u-hmvq-3bd8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2019-8376"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-akvk-777h-qyej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102049?format=json","vulnerability_id":"VCID-cqjb-td1r-tyeb","summary":"tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14266","reference_id":"","reference_type":"","scores":[{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.81149","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.81177","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.81182","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.81179","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.81175","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.81192","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14266","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14266"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42652.txt","reference_id":"CVE-2017-14266","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42652.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5823?format=json","purl":"pkg:deb/debian/tcpreplay@3.4.4-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4n7j-r5az-7ubn"},{"vulnerability":"VCID-7web-fj9b-mybg"},{"vulnerability":"VCID-a68t-cu78-duay"},{"vulnerability":"VCID-akvk-777h-qyej"},{"vulnerability":"VCID-d1b3-k5c8-tffv"},{"vulnerability":"VCID-ecxu-484v-xygm"},{"vulnerability":"VCID-gprh-wzs6-57cj"},{"vulnerability":"VCID-gvg4-ghcz-r7h5"},{"vulnerability":"VCID-hw45-wrab-r3e9"},{"vulnerability":"VCID-pmqf-2y4d-gfb2"},{"vulnerability":"VCID-qxpq-9dnq-9kdb"},{"vulnerability":"VCID-u4q2-42mf-jfga"},{"vulnerability":"VCID-veqv-p9ca-eyee"},{"vulnerability":"VCID-y4wh-5hg3-k7ec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@3.4.4-3"}],"aliases":["CVE-2017-14266"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cqjb-td1r-tyeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102058?format=json","vulnerability_id":"VCID-d1b3-k5c8-tffv","summary":"Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20553","reference_id":"","reference_type":"","scores":[{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42511","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42585","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42597","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.4257","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42534","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42544","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20553"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917574","reference_id":"917574","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917574"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5824?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a68t-cu78-duay"},{"vulnerability":"VCID-akvk-777h-qyej"},{"vulnerability":"VCID-ecxu-484v-xygm"},{"vulnerability":"VCID-gprh-wzs6-57cj"},{"vulnerability":"VCID-u4q2-42mf-jfga"},{"vulnerability":"VCID-veqv-p9ca-eyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-20553"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d1b3-k5c8-tffv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102060?format=json","vulnerability_id":"VCID-ecxu-484v-xygm","summary":"tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12740","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.6695","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66901","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66941","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66935","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66934","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66918","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12740"},{"reference_url":"https://security.archlinux.org/ASA-202007-3","reference_id":"ASA-202007-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202007-3"},{"reference_url":"https://security.archlinux.org/AVG-1154","reference_id":"AVG-1154","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1154"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5825?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4r9m-bgcb-5qh8"},{"vulnerability":"VCID-5cau-18mr-kuan"},{"vulnerability":"VCID-7x5v-269w-k7dk"},{"vulnerability":"VCID-8mb3-jqas-d3ct"},{"vulnerability":"VCID-9353-9rs4-aya8"},{"vulnerability":"VCID-aa6z-puc9-b7et"},{"vulnerability":"VCID-aarc-k2zj-43ct"},{"vulnerability":"VCID-advk-e3w8-4fdp"},{"vulnerability":"VCID-b7p8-vv49-qqgu"},{"vulnerability":"VCID-bfbt-mv5d-vkhy"},{"vulnerability":"VCID-bk8t-sj6f-fyau"},{"vulnerability":"VCID-cj8f-yw83-c7hj"},{"vulnerability":"VCID-dm4j-kbxb-gbed"},{"vulnerability":"VCID-fb3w-p83c-yfdm"},{"vulnerability":"VCID-hcyv-wr46-dffs"},{"vulnerability":"VCID-k5bg-hqhm-6kg2"},{"vulnerability":"VCID-kp1j-h1mf-auap"},{"vulnerability":"VCID-m5h4-rgz8-57ak"},{"vulnerability":"VCID-mwj4-7bcn-3ygx"},{"vulnerability":"VCID-pvjf-3wcs-2ffy"},{"vulnerability":"VCID-q6td-s3sz-s7cj"},{"vulnerability":"VCID-ryv8-acv5-t7h8"},{"vulnerability":"VCID-rz31-v75n-wkc8"},{"vulnerability":"VCID-s9g8-sckb-tkfw"},{"vulnerability":"VCID-tp3u-gh67-kqg2"},{"vulnerability":"VCID-ttcc-5rsd-xyfy"},{"vulnerability":"VCID-u3h9-v2d6-akbm"},{"vulnerability":"VCID-v7qj-czys-37dy"},{"vulnerability":"VCID-vkhr-4x7z-nbc3"},{"vulnerability":"VCID-xy9w-6kw6-gufu"},{"vulnerability":"VCID-ynar-9vnj-sbge"},{"vulnerability":"VCID-zs6u-hmvq-3bd8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2020-12740"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ecxu-484v-xygm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6141?format=json","vulnerability_id":"VCID-gprh-wzs6-57cj","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8377","reference_id":"","reference_type":"","scores":[{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46015","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45943","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46012","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.4598","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45994","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45968","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8377"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922623","reference_id":"922623","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922623"},{"reference_url":"https://security.archlinux.org/ASA-201905-5","reference_id":"ASA-201905-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-5"},{"reference_url":"https://security.archlinux.org/AVG-902","reference_id":"AVG-902","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5825?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4r9m-bgcb-5qh8"},{"vulnerability":"VCID-5cau-18mr-kuan"},{"vulnerability":"VCID-7x5v-269w-k7dk"},{"vulnerability":"VCID-8mb3-jqas-d3ct"},{"vulnerability":"VCID-9353-9rs4-aya8"},{"vulnerability":"VCID-aa6z-puc9-b7et"},{"vulnerability":"VCID-aarc-k2zj-43ct"},{"vulnerability":"VCID-advk-e3w8-4fdp"},{"vulnerability":"VCID-b7p8-vv49-qqgu"},{"vulnerability":"VCID-bfbt-mv5d-vkhy"},{"vulnerability":"VCID-bk8t-sj6f-fyau"},{"vulnerability":"VCID-cj8f-yw83-c7hj"},{"vulnerability":"VCID-dm4j-kbxb-gbed"},{"vulnerability":"VCID-fb3w-p83c-yfdm"},{"vulnerability":"VCID-hcyv-wr46-dffs"},{"vulnerability":"VCID-k5bg-hqhm-6kg2"},{"vulnerability":"VCID-kp1j-h1mf-auap"},{"vulnerability":"VCID-m5h4-rgz8-57ak"},{"vulnerability":"VCID-mwj4-7bcn-3ygx"},{"vulnerability":"VCID-pvjf-3wcs-2ffy"},{"vulnerability":"VCID-q6td-s3sz-s7cj"},{"vulnerability":"VCID-ryv8-acv5-t7h8"},{"vulnerability":"VCID-rz31-v75n-wkc8"},{"vulnerability":"VCID-s9g8-sckb-tkfw"},{"vulnerability":"VCID-tp3u-gh67-kqg2"},{"vulnerability":"VCID-ttcc-5rsd-xyfy"},{"vulnerability":"VCID-u3h9-v2d6-akbm"},{"vulnerability":"VCID-v7qj-czys-37dy"},{"vulnerability":"VCID-vkhr-4x7z-nbc3"},{"vulnerability":"VCID-xy9w-6kw6-gufu"},{"vulnerability":"VCID-ynar-9vnj-sbge"},{"vulnerability":"VCID-zs6u-hmvq-3bd8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2019-8377"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gprh-wzs6-57cj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102052?format=json","vulnerability_id":"VCID-gvg4-ghcz-r7h5","summary":"Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17582","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43143","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43217","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43225","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43204","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43169","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43179","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17582"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910597","reference_id":"910597","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910597"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5824?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a68t-cu78-duay"},{"vulnerability":"VCID-akvk-777h-qyej"},{"vulnerability":"VCID-ecxu-484v-xygm"},{"vulnerability":"VCID-gprh-wzs6-57cj"},{"vulnerability":"VCID-u4q2-42mf-jfga"},{"vulnerability":"VCID-veqv-p9ca-eyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-17582"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gvg4-ghcz-r7h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102050?format=json","vulnerability_id":"VCID-hw45-wrab-r3e9","summary":"get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13112","reference_id":"","reference_type":"","scores":[{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73544","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.7358","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73585","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73572","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73558","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73584","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13112"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902952","reference_id":"902952","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902952"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5824?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a68t-cu78-duay"},{"vulnerability":"VCID-akvk-777h-qyej"},{"vulnerability":"VCID-ecxu-484v-xygm"},{"vulnerability":"VCID-gprh-wzs6-57cj"},{"vulnerability":"VCID-u4q2-42mf-jfga"},{"vulnerability":"VCID-veqv-p9ca-eyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-13112"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hw45-wrab-r3e9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102051?format=json","vulnerability_id":"VCID-pmqf-2y4d-gfb2","summary":"A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17580","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43143","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43217","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43225","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43204","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43169","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43179","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17580"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17580","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17580"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910596","reference_id":"910596","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910596"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5824?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a68t-cu78-duay"},{"vulnerability":"VCID-akvk-777h-qyej"},{"vulnerability":"VCID-ecxu-484v-xygm"},{"vulnerability":"VCID-gprh-wzs6-57cj"},{"vulnerability":"VCID-u4q2-42mf-jfga"},{"vulnerability":"VCID-veqv-p9ca-eyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-17580"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pmqf-2y4d-gfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102055?format=json","vulnerability_id":"VCID-qxpq-9dnq-9kdb","summary":"A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18408","reference_id":"","reference_type":"","scores":[{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58878","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58924","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.5893","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58922","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58906","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18408"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911493","reference_id":"911493","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911493"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5824?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a68t-cu78-duay"},{"vulnerability":"VCID-akvk-777h-qyej"},{"vulnerability":"VCID-ecxu-484v-xygm"},{"vulnerability":"VCID-gprh-wzs6-57cj"},{"vulnerability":"VCID-u4q2-42mf-jfga"},{"vulnerability":"VCID-veqv-p9ca-eyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-18408"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qxpq-9dnq-9kdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102061?format=json","vulnerability_id":"VCID-u4q2-42mf-jfga","summary":"Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. It can be triggered by sending a crafted pcap file to the 'tcpreplay-edit' binary. This issue is different than CVE-2019-8381.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18976","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50794","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50854","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50859","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50838","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50807","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50824","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18976"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5825?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4r9m-bgcb-5qh8"},{"vulnerability":"VCID-5cau-18mr-kuan"},{"vulnerability":"VCID-7x5v-269w-k7dk"},{"vulnerability":"VCID-8mb3-jqas-d3ct"},{"vulnerability":"VCID-9353-9rs4-aya8"},{"vulnerability":"VCID-aa6z-puc9-b7et"},{"vulnerability":"VCID-aarc-k2zj-43ct"},{"vulnerability":"VCID-advk-e3w8-4fdp"},{"vulnerability":"VCID-b7p8-vv49-qqgu"},{"vulnerability":"VCID-bfbt-mv5d-vkhy"},{"vulnerability":"VCID-bk8t-sj6f-fyau"},{"vulnerability":"VCID-cj8f-yw83-c7hj"},{"vulnerability":"VCID-dm4j-kbxb-gbed"},{"vulnerability":"VCID-fb3w-p83c-yfdm"},{"vulnerability":"VCID-hcyv-wr46-dffs"},{"vulnerability":"VCID-k5bg-hqhm-6kg2"},{"vulnerability":"VCID-kp1j-h1mf-auap"},{"vulnerability":"VCID-m5h4-rgz8-57ak"},{"vulnerability":"VCID-mwj4-7bcn-3ygx"},{"vulnerability":"VCID-pvjf-3wcs-2ffy"},{"vulnerability":"VCID-q6td-s3sz-s7cj"},{"vulnerability":"VCID-ryv8-acv5-t7h8"},{"vulnerability":"VCID-rz31-v75n-wkc8"},{"vulnerability":"VCID-s9g8-sckb-tkfw"},{"vulnerability":"VCID-tp3u-gh67-kqg2"},{"vulnerability":"VCID-ttcc-5rsd-xyfy"},{"vulnerability":"VCID-u3h9-v2d6-akbm"},{"vulnerability":"VCID-v7qj-czys-37dy"},{"vulnerability":"VCID-vkhr-4x7z-nbc3"},{"vulnerability":"VCID-xy9w-6kw6-gufu"},{"vulnerability":"VCID-ynar-9vnj-sbge"},{"vulnerability":"VCID-zs6u-hmvq-3bd8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2020-18976"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u4q2-42mf-jfga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6140?format=json","vulnerability_id":"VCID-veqv-p9ca-eyee","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8381","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48891","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48822","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48883","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48857","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48873","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48843","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8381"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922622","reference_id":"922622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922622"},{"reference_url":"https://security.archlinux.org/ASA-201905-5","reference_id":"ASA-201905-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-5"},{"reference_url":"https://security.archlinux.org/AVG-902","reference_id":"AVG-902","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5825?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4r9m-bgcb-5qh8"},{"vulnerability":"VCID-5cau-18mr-kuan"},{"vulnerability":"VCID-7x5v-269w-k7dk"},{"vulnerability":"VCID-8mb3-jqas-d3ct"},{"vulnerability":"VCID-9353-9rs4-aya8"},{"vulnerability":"VCID-aa6z-puc9-b7et"},{"vulnerability":"VCID-aarc-k2zj-43ct"},{"vulnerability":"VCID-advk-e3w8-4fdp"},{"vulnerability":"VCID-b7p8-vv49-qqgu"},{"vulnerability":"VCID-bfbt-mv5d-vkhy"},{"vulnerability":"VCID-bk8t-sj6f-fyau"},{"vulnerability":"VCID-cj8f-yw83-c7hj"},{"vulnerability":"VCID-dm4j-kbxb-gbed"},{"vulnerability":"VCID-fb3w-p83c-yfdm"},{"vulnerability":"VCID-hcyv-wr46-dffs"},{"vulnerability":"VCID-k5bg-hqhm-6kg2"},{"vulnerability":"VCID-kp1j-h1mf-auap"},{"vulnerability":"VCID-m5h4-rgz8-57ak"},{"vulnerability":"VCID-mwj4-7bcn-3ygx"},{"vulnerability":"VCID-pvjf-3wcs-2ffy"},{"vulnerability":"VCID-q6td-s3sz-s7cj"},{"vulnerability":"VCID-ryv8-acv5-t7h8"},{"vulnerability":"VCID-rz31-v75n-wkc8"},{"vulnerability":"VCID-s9g8-sckb-tkfw"},{"vulnerability":"VCID-tp3u-gh67-kqg2"},{"vulnerability":"VCID-ttcc-5rsd-xyfy"},{"vulnerability":"VCID-u3h9-v2d6-akbm"},{"vulnerability":"VCID-v7qj-czys-37dy"},{"vulnerability":"VCID-vkhr-4x7z-nbc3"},{"vulnerability":"VCID-xy9w-6kw6-gufu"},{"vulnerability":"VCID-ynar-9vnj-sbge"},{"vulnerability":"VCID-zs6u-hmvq-3bd8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2019-8381"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-veqv-p9ca-eyee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102053?format=json","vulnerability_id":"VCID-y4wh-5hg3-k7ec","summary":"An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17974","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43944","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44013","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44022","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43997","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43962","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43972","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17974"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910598","reference_id":"910598","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910598"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5824?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a68t-cu78-duay"},{"vulnerability":"VCID-akvk-777h-qyej"},{"vulnerability":"VCID-ecxu-484v-xygm"},{"vulnerability":"VCID-gprh-wzs6-57cj"},{"vulnerability":"VCID-u4q2-42mf-jfga"},{"vulnerability":"VCID-veqv-p9ca-eyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-17974"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4wh-5hg3-k7ec"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@3.4.4-2"}