Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libcdio@2.1.0-2?distro=trixie

Type deb

Namespace debian

Name libcdio

Version 2.1.0-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.1.0-4

Latest_non_vulnerable_version 2.2.0-4.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-bxx8-76v9-gycg

vulnerability_id VCID-bxx8-76v9-gycg

summary A buffer overflow vulnerability has been discovered in libcdio.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6613.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6613.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6613

reference_id

reference_type

scores

value	0.22975
scoring_system	epss
scoring_elements	0.95866
published_at	2026-04-01T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95874
published_at	2026-04-02T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95882
published_at	2026-04-04T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95886
published_at	2026-04-07T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95895
published_at	2026-04-08T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95898
published_at	2026-04-09T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95901
published_at	2026-04-12T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95902
published_at	2026-04-13T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95914
published_at	2026-04-16T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95919
published_at	2026-04-18T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95921
published_at	2026-04-29T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95922
published_at	2026-04-24T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95933
published_at	2026-05-05T12:55:00Z

value	0.22975
scoring_system	epss
scoring_elements	0.95936
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6613

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6613
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6613

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427197
reference_id	427197
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427197

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459129
reference_id	459129
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459129

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/30985.txt
reference_id	CVE-2007-6613;OSVDB-42742
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/30985.txt

reference_url	https://www.securityfocus.com/bid/27131/info
reference_id	CVE-2007-6613;OSVDB-42742
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/27131/info

reference_url	https://security.gentoo.org/glsa/200801-08
reference_id	GLSA-200801-08
reference_type
scores
url	https://security.gentoo.org/glsa/200801-08

reference_url	https://usn.ubuntu.com/580-1/
reference_id	USN-580-1
reference_type
scores
url	https://usn.ubuntu.com/580-1/

fixed_packages

url	pkg:deb/debian/libcdio@0.78.2%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/libcdio@0.78.2%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@0.78.2%252Bdfsg1-2%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-2%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-4%3Fdistro=trixie

url pkg:deb/debian/libcdio@2.2.0-4?distro=trixie

purl pkg:deb/debian/libcdio@2.2.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-faaa-jsq9-jucm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
purl	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4.1%3Fdistro=trixie

aliases CVE-2007-6613

risk_score 0.4

exploitability 2.0

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bxx8-76v9-gycg

url VCID-cgzb-rvv6-77ga

vulnerability_id VCID-cgzb-rvv6-77ga

summary

xine-lib contains several vulnerabilities potentially allowing the
    execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-1476

reference_id

reference_type

scores

value	0.02053
scoring_system	epss
scoring_elements	0.83811
published_at	2026-04-01T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83824
published_at	2026-04-02T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.8384
published_at	2026-04-04T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83842
published_at	2026-04-07T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83865
published_at	2026-04-08T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83871
published_at	2026-04-09T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83888
published_at	2026-04-11T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83881
published_at	2026-04-12T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83877
published_at	2026-04-13T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.8391
published_at	2026-04-21T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83936
published_at	2026-04-24T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83943
published_at	2026-04-26T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83948
published_at	2026-04-29T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83971
published_at	2026-05-05T12:55:00Z

value	0.02053
scoring_system	epss
scoring_elements	0.83993
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-1476

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1476
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1476

reference_url	https://security.gentoo.org/glsa/200409-30
reference_id	GLSA-200409-30
reference_type
scores
url	https://security.gentoo.org/glsa/200409-30

fixed_packages

url	pkg:deb/debian/libcdio@0.69?distro=trixie
purl	pkg:deb/debian/libcdio@0.69?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@0.69%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-2%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-4%3Fdistro=trixie

url pkg:deb/debian/libcdio@2.2.0-4?distro=trixie

purl pkg:deb/debian/libcdio@2.2.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-faaa-jsq9-jucm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
purl	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4.1%3Fdistro=trixie

aliases CVE-2004-1476

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cgzb-rvv6-77ga

url VCID-dg5y-yvm7-e7da

vulnerability_id VCID-dg5y-yvm7-e7da

summary libcdio: NULL pointer dereference in realloc_symlink in rock.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18199.json

reference_id

reference_type

scores

value	2.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18199.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-18199

reference_id

reference_type

scores

value	0.02406
scoring_system	epss
scoring_elements	0.85005
published_at	2026-04-01T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85169
published_at	2026-05-07T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.8513
published_at	2026-04-29T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85144
published_at	2026-05-05T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85018
published_at	2026-04-02T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85035
published_at	2026-04-04T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85039
published_at	2026-04-07T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85062
published_at	2026-04-08T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85069
published_at	2026-04-09T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85085
published_at	2026-04-11T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85083
published_at	2026-04-12T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85079
published_at	2026-04-13T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85101
published_at	2026-04-16T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85103
published_at	2026-04-18T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.851
published_at	2026-04-21T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85124
published_at	2026-04-24T12:55:00Z

value	0.02406
scoring_system	epss
scoring_elements	0.85133
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-18199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18199

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1549701
reference_id	1549701
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1549701

reference_url

https://security.archlinux.org/AVG-638

reference_id

AVG-638

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-638

reference_url	https://access.redhat.com/errata/RHSA-2018:3246
reference_id	RHSA-2018:3246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3246

reference_url	https://usn.ubuntu.com/5558-1/
reference_id	USN-5558-1
reference_type
scores
url	https://usn.ubuntu.com/5558-1/

fixed_packages

url	pkg:deb/debian/libcdio@1.0.0-1?distro=trixie
purl	pkg:deb/debian/libcdio@1.0.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@1.0.0-1%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-2%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-4%3Fdistro=trixie

url pkg:deb/debian/libcdio@2.2.0-4?distro=trixie

purl pkg:deb/debian/libcdio@2.2.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-faaa-jsq9-jucm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
purl	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4.1%3Fdistro=trixie

aliases CVE-2017-18199

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dg5y-yvm7-e7da

url VCID-faaa-jsq9-jucm

vulnerability_id VCID-faaa-jsq9-jucm

summary libcdio: crafted iso image file leads to arbitrary code execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36600.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36600.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-36600

reference_id

reference_type

scores

value	0.00082
scoring_system	epss
scoring_elements	0.2388
published_at	2026-05-07T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.24259
published_at	2026-04-02T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.24293
published_at	2026-04-04T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.24079
published_at	2026-04-07T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.24145
published_at	2026-04-08T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.2419
published_at	2026-04-09T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.24209
published_at	2026-04-11T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.24166
published_at	2026-04-12T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.24109
published_at	2026-04-13T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.24124
published_at	2026-04-16T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.24112
published_at	2026-04-18T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.23798
published_at	2026-05-05T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24427
published_at	2026-04-29T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24537
published_at	2026-04-21T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24482
published_at	2026-04-24T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24468
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-36600

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129256
reference_id	1129256
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129256

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2292833

reference_id

2292833

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-14T19:58:14Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2292833

reference_url

https://github.com/libcdio/libcdio/pull/32

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-14T19:58:14Z/

url

https://github.com/libcdio/libcdio/pull/32

reference_url

https://github.com/libcdio/libcdio/pull/46

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-14T19:58:14Z/

url

https://github.com/libcdio/libcdio/pull/46

reference_url

https://github.com/gashasbi/My-Reports/tree/main/CVE-2024-36600

reference_id

CVE-2024-36600

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-14T19:58:14Z/

url

https://github.com/gashasbi/My-Reports/tree/main/CVE-2024-36600

reference_url	https://usn.ubuntu.com/6855-1/
reference_id	USN-6855-1
reference_type
scores
url	https://usn.ubuntu.com/6855-1/

fixed_packages

url	pkg:deb/debian/libcdio@0?distro=trixie
purl	pkg:deb/debian/libcdio@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@0%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-2%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-4%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
purl	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4.1%3Fdistro=trixie

aliases CVE-2024-36600

risk_score 3.8

exploitability 0.5

weighted_severity 7.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-faaa-jsq9-jucm

url VCID-nrrj-b1g3-s3fx

vulnerability_id VCID-nrrj-b1g3-s3fx

summary libcdio: Double free in get_cdtext_generic() in lib/driver/_cdio_generic.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18201.json

reference_id

reference_type

scores

value	2.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18201.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-18201

reference_id

reference_type

scores

value	0.0045
scoring_system	epss
scoring_elements	0.63572
published_at	2026-04-01T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63724
published_at	2026-05-07T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63712
published_at	2026-04-26T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63708
published_at	2026-04-29T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63632
published_at	2026-04-02T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63658
published_at	2026-04-04T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63618
published_at	2026-04-07T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63669
published_at	2026-04-08T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63686
published_at	2026-04-12T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63701
published_at	2026-04-11T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63652
published_at	2026-04-13T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63688
published_at	2026-04-16T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63698
published_at	2026-04-18T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.63681
published_at	2026-05-05T12:55:00Z

value	0.0045
scoring_system	epss
scoring_elements	0.637
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-18201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18201
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18201

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1549707
reference_id	1549707
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1549707

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891638
reference_id	891638
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891638

reference_url

https://security.archlinux.org/AVG-641

reference_id

AVG-641

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-641

reference_url	https://access.redhat.com/errata/RHSA-2018:3246
reference_id	RHSA-2018:3246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3246

fixed_packages

url	pkg:deb/debian/libcdio@2.0.0-2?distro=trixie
purl	pkg:deb/debian/libcdio@2.0.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.0.0-2%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-2%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-4%3Fdistro=trixie

url pkg:deb/debian/libcdio@2.2.0-4?distro=trixie

purl pkg:deb/debian/libcdio@2.2.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-faaa-jsq9-jucm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
purl	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4.1%3Fdistro=trixie

aliases CVE-2017-18201

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nrrj-b1g3-s3fx

url VCID-qhhk-9n8e-h3fv

vulnerability_id VCID-qhhk-9n8e-h3fv

summary libcdio: Heap-based buffer over-read in print_iso9660_recurse function in iso-info.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18198.json

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18198.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-18198

reference_id

reference_type

scores

value	0.02146
scoring_system	epss
scoring_elements	0.84157
published_at	2026-04-01T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84337
published_at	2026-05-07T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84293
published_at	2026-04-29T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84312
published_at	2026-05-05T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84171
published_at	2026-04-02T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84189
published_at	2026-04-04T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.8419
published_at	2026-04-07T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84212
published_at	2026-04-08T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84218
published_at	2026-04-09T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84236
published_at	2026-04-11T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.8423
published_at	2026-04-12T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84226
published_at	2026-04-13T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84248
published_at	2026-04-16T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84249
published_at	2026-04-18T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84254
published_at	2026-04-21T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84279
published_at	2026-04-24T12:55:00Z

value	0.02146
scoring_system	epss
scoring_elements	0.84288
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-18198

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18198
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18198

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1549644
reference_id	1549644
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1549644

reference_url

https://security.archlinux.org/AVG-638

reference_id

AVG-638

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-638

reference_url	https://access.redhat.com/errata/RHSA-2018:3246
reference_id	RHSA-2018:3246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3246

reference_url	https://usn.ubuntu.com/5558-1/
reference_id	USN-5558-1
reference_type
scores
url	https://usn.ubuntu.com/5558-1/

fixed_packages

url	pkg:deb/debian/libcdio@1.0.0-1?distro=trixie
purl	pkg:deb/debian/libcdio@1.0.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@1.0.0-1%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-2%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
purl	pkg:deb/debian/libcdio@2.1.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-4%3Fdistro=trixie

url pkg:deb/debian/libcdio@2.2.0-4?distro=trixie

purl pkg:deb/debian/libcdio@2.2.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-faaa-jsq9-jucm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4%3Fdistro=trixie

url	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
purl	pkg:deb/debian/libcdio@2.2.0-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.2.0-4.1%3Fdistro=trixie

aliases CVE-2017-18198

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qhhk-9n8e-h3fv

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcdio@2.1.0-2%3Fdistro=trixie

Package Instance