{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","type":"ebuild","namespace":"app-emulation","name":"qemu","version":"2.9.0-r2","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.11.1-r1","latest_non_vulnerable_version":"8.0.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50141?format=json","vulnerability_id":"VCID-3zgd-7juv-43aw","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7471.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7471.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7471","reference_id":"","reference_type":"","scores":[{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68395","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68549","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68489","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68538","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68543","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68415","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68435","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68411","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68461","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68478","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68504","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68492","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68459","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.68497","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00566","scoring_system":"epss","scoring_elements":"0.6851","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7471"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7471","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7471","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7471"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:C/I:C/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=9c6b899f7a46893ab3b671e341a2234e9c0c060e","reference_id":"","reference_type":"","scores":[],"url":"https://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=9c6b899f7a46893ab3b671e341a2234e9c0c060e"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/04/19/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/04/19/2"},{"reference_url":"http://www.securityfocus.com/bid/97970","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97970"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443401","reference_id":"1443401","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443401"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860785","reference_id":"860785","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860785"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7471","reference_id":"CVE-2017-7471","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:L/Au:S/C:C/I:C/A:C"},{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7471"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-7471"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3zgd-7juv-43aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50143?format=json","vulnerability_id":"VCID-4mkn-nd4b-huhh","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=215902d7b6fb50c6fc216fc74f770858278ed904","reference_id":"","reference_type":"","scores":[],"url":"http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=215902d7b6fb50c6fc216fc74f770858278ed904"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7718.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7718.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7718","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27773","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27962","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2785","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32032","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32159","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32198","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32021","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32072","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32102","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32105","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32067","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32036","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32069","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32046","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32019","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7718"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7718"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.4","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:P/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/04/19/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/04/19/4"},{"reference_url":"http://www.securityfocus.com/bid/97957","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97957"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443441","reference_id":"1443441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443441"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7718","reference_id":"CVE-2017-7718","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7718"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0980","reference_id":"RHSA-2017:0980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0981","reference_id":"RHSA-2017:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0982","reference_id":"RHSA-2017:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0983","reference_id":"RHSA-2017:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0984","reference_id":"RHSA-2017:0984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0988","reference_id":"RHSA-2017:0988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0988"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1205","reference_id":"RHSA-2017:1205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1206","reference_id":"RHSA-2017:1206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1206"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1430","reference_id":"RHSA-2017:1430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1431","reference_id":"RHSA-2017:1431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1441","reference_id":"RHSA-2017:1441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1441"},{"reference_url":"https://usn.ubuntu.com/3289-1/","reference_id":"USN-3289-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3289-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-7718"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4mkn-nd4b-huhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50140?format=json","vulnerability_id":"VCID-542n-bbu2-dyfc","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=d63fb193e71644a073b77ff5ac6f1216f2f6cf6e","reference_id":"","reference_type":"","scores":[],"url":"http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=d63fb193e71644a073b77ff5ac6f1216f2f6cf6e"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7377.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7377.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7377","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22474","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22328","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22496","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22341","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22331","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22648","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22691","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22482","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22563","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22618","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22634","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22592","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22537","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22552","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22546","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7377"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2017-03/msg05449.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2017-03/msg05449.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/04/03/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/04/03/2"},{"reference_url":"http://www.securityfocus.com/bid/97319","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1437871","reference_id":"1437871","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1437871"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859854","reference_id":"859854","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859854"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7377","reference_id":"CVE-2017-7377","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7377"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://usn.ubuntu.com/3289-1/","reference_id":"USN-3289-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3289-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-7377"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-542n-bbu2-dyfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50142?format=json","vulnerability_id":"VCID-55q4-p9np-kkh6","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7493.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7493.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7493","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18712","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.1885","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18903","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18623","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18702","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18757","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18762","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18715","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18665","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18612","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18624","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18643","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18534","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18515","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.1847","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7493"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1451709","reference_id":"1451709","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1451709"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://usn.ubuntu.com/3414-1/","reference_id":"USN-3414-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3414-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-7493"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-55q4-p9np-kkh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4093?format=json","vulnerability_id":"VCID-895c-wwg8-cbe5","summary":"Cirrus VGA Heap overflow via display refresh","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9603.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9603","reference_id":"","reference_type":"","scores":[{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81552","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81563","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81585","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81583","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81611","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81616","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81636","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81623","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81653","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81654","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81657","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81681","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81691","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81695","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1430056","reference_id":"1430056","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1430056"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857744","reference_id":"857744","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857744"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0980","reference_id":"RHSA-2017:0980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0981","reference_id":"RHSA-2017:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0982","reference_id":"RHSA-2017:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0983","reference_id":"RHSA-2017:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0984","reference_id":"RHSA-2017:0984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0985","reference_id":"RHSA-2017:0985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0985"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0987","reference_id":"RHSA-2017:0987","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0987"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0988","reference_id":"RHSA-2017:0988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0988"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1205","reference_id":"RHSA-2017:1205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1206","reference_id":"RHSA-2017:1206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1206"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1441","reference_id":"RHSA-2017:1441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1441"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"},{"reference_url":"https://usn.ubuntu.com/3268-1/","reference_id":"USN-3268-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3268-1/"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-211.html","reference_id":"XSA-211","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-211.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2016-9603","XSA-211"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-895c-wwg8-cbe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50146?format=json","vulnerability_id":"VCID-ajxn-xuzk-2qez","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8112.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8112.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8112","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17574","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17389","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17569","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17479","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17456","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17736","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17783","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17512","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17601","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17662","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.1768","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17634","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17527","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17536","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04578.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04578.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/04/26/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/04/26/5"},{"reference_url":"http://www.securityfocus.com/bid/98015","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/98015"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1445621","reference_id":"1445621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1445621"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861351","reference_id":"861351","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861351"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8112","reference_id":"CVE-2017-8112","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:C"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8112"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://usn.ubuntu.com/3414-1/","reference_id":"USN-3414-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3414-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-8112"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ajxn-xuzk-2qez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50147?format=json","vulnerability_id":"VCID-bq4s-ner8-9bew","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8309.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8309.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8309","reference_id":"","reference_type":"","scores":[{"value":"0.01106","scoring_system":"epss","scoring_elements":"0.78177","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01106","scoring_system":"epss","scoring_elements":"0.78157","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01106","scoring_system":"epss","scoring_elements":"0.78163","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01768","scoring_system":"epss","scoring_elements":"0.826","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01768","scoring_system":"epss","scoring_elements":"0.82596","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01768","scoring_system":"epss","scoring_elements":"0.82622","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01768","scoring_system":"epss","scoring_elements":"0.8263","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01768","scoring_system":"epss","scoring_elements":"0.82648","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01768","scoring_system":"epss","scoring_elements":"0.82642","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01768","scoring_system":"epss","scoring_elements":"0.8257","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01768","scoring_system":"epss","scoring_elements":"0.82585","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01779","scoring_system":"epss","scoring_elements":"0.8273","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01779","scoring_system":"epss","scoring_elements":"0.82733","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01779","scoring_system":"epss","scoring_elements":"0.82691","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01779","scoring_system":"epss","scoring_elements":"0.82729","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8309"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1446517","reference_id":"1446517","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1446517"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862280","reference_id":"862280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862280"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2408","reference_id":"RHSA-2017:2408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2408"},{"reference_url":"https://usn.ubuntu.com/3289-1/","reference_id":"USN-3289-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3289-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-8309"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bq4s-ner8-9bew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50145?format=json","vulnerability_id":"VCID-jkk4-3w76-5kha","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=4ffcdef4277a91af15a3c09f7d16af072c29f3f2","reference_id":"","reference_type":"","scores":[],"url":"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=4ffcdef4277a91af15a3c09f7d16af072c29f3f2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8086.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8086.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8086","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2275","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22608","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22782","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22621","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22612","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22922","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22966","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22759","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22833","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22887","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22907","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2287","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22814","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22827","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22821","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8086","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8086"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg01636.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg01636.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/04/25/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/04/25/5"},{"reference_url":"http://www.securityfocus.com/bid/98012","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/98012"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1444781","reference_id":"1444781","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1444781"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861348","reference_id":"861348","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861348"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.9.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8086","reference_id":"CVE-2017-8086","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:C"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8086"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://usn.ubuntu.com/3289-1/","reference_id":"USN-3289-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3289-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-8086"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jkk4-3w76-5kha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50144?format=json","vulnerability_id":"VCID-m7uv-6346-8kbq","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7980.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7980.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7980","reference_id":"","reference_type":"","scores":[{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37659","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.3738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37492","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.3747","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37841","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37866","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37796","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37809","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37823","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37788","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37763","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37811","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37791","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.3773","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7980"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:P/I:P/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1444371","reference_id":"1444371","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1444371"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0980","reference_id":"RHSA-2017:0980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0981","reference_id":"RHSA-2017:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0982","reference_id":"RHSA-2017:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0983","reference_id":"RHSA-2017:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0984","reference_id":"RHSA-2017:0984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0988","reference_id":"RHSA-2017:0988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0988"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1205","reference_id":"RHSA-2017:1205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1206","reference_id":"RHSA-2017:1206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1206"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1430","reference_id":"RHSA-2017:1430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1441","reference_id":"RHSA-2017:1441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1441"},{"reference_url":"https://usn.ubuntu.com/3289-1/","reference_id":"USN-3289-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3289-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-7980"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m7uv-6346-8kbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50150?format=json","vulnerability_id":"VCID-ncpf-ttuc-fqe7","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9060.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9060.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9060","reference_id":"","reference_type":"","scores":[{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25654","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25425","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25481","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25473","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25724","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25766","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25535","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25608","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25655","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25666","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25625","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25568","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25572","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25558","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.2553","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9060"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9060","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9060"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:N/A:P"},{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452597","reference_id":"1452597","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452597"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://usn.ubuntu.com/3414-1/","reference_id":"USN-3414-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3414-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-9060"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ncpf-ttuc-fqe7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50151?format=json","vulnerability_id":"VCID-vefc-bfc3-fyg2","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9310.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9310.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9310","reference_id":"","reference_type":"","scores":[{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26017","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26101","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2614","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25906","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25974","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26026","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26036","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25991","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25932","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25937","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25919","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25889","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25824","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25818","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25771","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9374"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452620","reference_id":"1452620","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452620"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863840","reference_id":"863840","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863840"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2392","reference_id":"RHSA-2017:2392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2408","reference_id":"RHSA-2017:2408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2408"},{"reference_url":"https://usn.ubuntu.com/3414-1/","reference_id":"USN-3414-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3414-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-9310"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vefc-bfc3-fyg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50152?format=json","vulnerability_id":"VCID-w1je-asqn-fbcr","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9330.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9330","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10597","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10493","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10563","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10427","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10501","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10568","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10565","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16329","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16284","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.164","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16438","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1633","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21443","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28348","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28337","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9374"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"},{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1457697","reference_id":"1457697","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1457697"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863943","reference_id":"863943","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863943"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://usn.ubuntu.com/3414-1/","reference_id":"USN-3414-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3414-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-9330"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w1je-asqn-fbcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50148?format=json","vulnerability_id":"VCID-wpuv-6mdx-j7gm","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8379.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8379.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8379","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22664","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22675","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22668","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34621","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34516","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34558","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34587","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34589","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.3455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34525","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34564","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34549","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34511","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34282","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34647","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8379"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8379","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8379"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1446547","reference_id":"1446547","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1446547"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862289","reference_id":"862289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862289"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2408","reference_id":"RHSA-2017:2408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2408"},{"reference_url":"https://usn.ubuntu.com/3289-1/","reference_id":"USN-3289-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3289-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-8379"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wpuv-6mdx-j7gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50149?format=json","vulnerability_id":"VCID-zpw2-zh1y-ebb3","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which may allow a remote attacker to cause a Denial of Service or gain\n    elevated privileges from a guest VM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8380.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8380.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8380","reference_id":"","reference_type":"","scores":[{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86163","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86172","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86186","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86205","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86217","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86231","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86229","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86225","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86241","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86247","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86239","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.8626","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.8627","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86269","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8380"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1446577","reference_id":"1446577","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1446577"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862282","reference_id":"862282","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862282"},{"reference_url":"https://security.gentoo.org/glsa/201706-03","reference_id":"GLSA-201706-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-03"},{"reference_url":"https://usn.ubuntu.com/3414-1/","reference_id":"USN-3414-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3414-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78153?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.9.0-r2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}],"aliases":["CVE-2017-8380"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zpw2-zh1y-ebb3"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.9.0-r2"}