Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie

Type deb

Namespace debian

Name qemu

Version 1:2.8+dfsg-3

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:2.8+dfsg-4

Latest_non_vulnerable_version 1:11.0.0+ds-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-265c-bbfk-skf3

vulnerability_id VCID-265c-bbfk-skf3

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to the execution of arbitrary code on the host system.

references

reference_url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=c7dfbf322595ded4e70b626bf83158a9f3807c6a
reference_id
reference_type
scores
url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=c7dfbf322595ded4e70b626bf83158a9f3807c6a

reference_url	http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00045.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00045.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00048.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5898.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5898.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5898

reference_id

reference_type

scores

value	0.00094
scoring_system	epss
scoring_elements	0.263
published_at	2026-04-01T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26
published_at	2026-04-29T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26113
published_at	2026-04-21T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26053
published_at	2026-04-24T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26049
published_at	2026-04-26T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26341
published_at	2026-04-02T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26381
published_at	2026-04-04T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26154
published_at	2026-04-07T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26222
published_at	2026-04-08T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.2627
published_at	2026-04-09T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26276
published_at	2026-04-11T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26231
published_at	2026-04-12T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26172
published_at	2026-04-13T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26176
published_at	2026-04-16T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26151
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5898

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.8
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:N/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.openwall.com/lists/oss-security/2017/02/07/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/07/3

reference_url	http://www.securityfocus.com/bid/96112
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96112

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1419699
reference_id	1419699
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1419699

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854729
reference_id	854729
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854729

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1::::::
reference_id	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:ltss::::::
reference_id	cpe:2.3:o:suse:linux_enterprise_server:12:ltss::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:ltss::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:sp1::::::
reference_id	cpe:2.3:o:suse:linux_enterprise_server:12:sp1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:sp1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server_for_sap:12:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise_server_for_sap:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server_for_sap:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1::::::
reference_id	cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5898

reference_id

CVE-2017-5898

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5898

reference_url	https://security.gentoo.org/glsa/201702-28
reference_id	GLSA-201702-28
reference_type
scores
url	https://security.gentoo.org/glsa/201702-28

reference_url	https://access.redhat.com/errata/RHSA-2017:1856
reference_id	RHSA-2017:1856
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1856

reference_url	https://access.redhat.com/errata/RHSA-2017:2392
reference_id	RHSA-2017:2392
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2392

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-5898

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-265c-bbfk-skf3

url VCID-5t1j-7uf3-gyde

vulnerability_id VCID-5t1j-7uf3-gyde

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could the worst of which could lead to arbitrary code execution, or
    cause a Denial of Service condition.

references

reference_url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=df8bf7a7fe75eb5d5caffa55f5cd4292b757aea6
reference_id
reference_type
scores
url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=df8bf7a7fe75eb5d5caffa55f5cd4292b757aea6

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6058.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6058.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-6058

reference_id

reference_type

scores

value	0.03408
scoring_system	epss
scoring_elements	0.87379
published_at	2026-04-01T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87469
published_at	2026-04-29T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87446
published_at	2026-04-21T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87462
published_at	2026-04-24T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87389
published_at	2026-04-02T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87404
published_at	2026-04-04T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87403
published_at	2026-04-07T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87422
published_at	2026-04-08T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87429
published_at	2026-04-09T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87441
published_at	2026-04-11T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87436
published_at	2026-04-12T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87432
published_at	2026-04-13T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87447
published_at	2026-04-16T12:55:00Z

value	0.03408
scoring_system	epss
scoring_elements	0.87449
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-6058

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6058
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6058

reference_url	https://lists.nongnu.org/archive/html/qemu-devel/2017-02/msg03527.html
reference_id
reference_type
scores
url	https://lists.nongnu.org/archive/html/qemu-devel/2017-02/msg03527.html

reference_url	http://www.openwall.com/lists/oss-security/2017/02/17/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/17/2

reference_url	http://www.securityfocus.com/bid/96277
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96277

reference_url	http://www.securitytracker.com/id/1037856
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037856

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1423358
reference_id	1423358
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1423358

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855616
reference_id	855616
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855616

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-6058

reference_id

CVE-2017-6058

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-6058

reference_url	https://security.gentoo.org/glsa/201704-01
reference_id	GLSA-201704-01
reference_type
scores
url	https://security.gentoo.org/glsa/201704-01

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-6058

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5t1j-7uf3-gyde

url VCID-7q7c-4788-j3a5

vulnerability_id VCID-7q7c-4788-j3a5

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to the execution of arbitrary code on the host system.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5579.json

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5579.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5579

reference_id

reference_type

scores

value	0.0007
scoring_system	epss
scoring_elements	0.2122
published_at	2026-04-29T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21243
published_at	2026-04-24T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21241
published_at	2026-04-26T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.3354
published_at	2026-04-02T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33413
published_at	2026-04-07T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33456
published_at	2026-04-08T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.3349
published_at	2026-04-09T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33494
published_at	2026-04-11T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33453
published_at	2026-04-12T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33429
published_at	2026-04-13T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33465
published_at	2026-04-16T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.3344
published_at	2026-04-18T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33409
published_at	2026-04-21T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33401
published_at	2026-04-01T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33573
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5579

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5579
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5579

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1416157
reference_id	1416157
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1416157

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853002
reference_id	853002
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853002

reference_url	https://security.gentoo.org/glsa/201702-28
reference_id	GLSA-201702-28
reference_type
scores
url	https://security.gentoo.org/glsa/201702-28

reference_url	https://access.redhat.com/errata/RHSA-2017:2392
reference_id	RHSA-2017:2392
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2392

reference_url	https://access.redhat.com/errata/RHSA-2017:2408
reference_id	RHSA-2017:2408
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2408

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-5579

risk_score 1.9

exploitability 0.5

weighted_severity 3.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7q7c-4788-j3a5

url VCID-88ef-174t-tbdr

vulnerability_id VCID-88ef-174t-tbdr

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to the execution of arbitrary code on the host system.

references

reference_url	http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9
reference_id
reference_type
scores
url	http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5667.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5667.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5667

reference_id

reference_type

scores

value	0.00223
scoring_system	epss
scoring_elements	0.44846
published_at	2026-04-01T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44792
published_at	2026-04-29T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44932
published_at	2026-04-21T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44841
published_at	2026-04-24T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44849
published_at	2026-04-26T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44929
published_at	2026-04-02T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44949
published_at	2026-04-04T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44892
published_at	2026-04-07T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44943
published_at	2026-04-08T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44945
published_at	2026-04-09T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44966
published_at	2026-04-11T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44934
published_at	2026-04-12T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44937
published_at	2026-04-13T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44988
published_at	2026-04-16T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44982
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5667

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5667
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5667

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

reference_url	http://www.openwall.com/lists/oss-security/2017/01/30/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/01/30/2

reference_url	http://www.openwall.com/lists/oss-security/2017/01/31/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/01/31/10

reference_url	http://www.openwall.com/lists/oss-security/2017/02/12/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/12/1

reference_url	http://www.securityfocus.com/bid/95885
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/95885

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1417559
reference_id	1417559
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1417559

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996
reference_id	853996
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5667

reference_id

CVE-2017-5667

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5667

reference_url	https://security.gentoo.org/glsa/201702-28
reference_id	GLSA-201702-28
reference_type
scores
url	https://security.gentoo.org/glsa/201702-28

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-5667

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-88ef-174t-tbdr

url VCID-aeh3-vzax-jqfh

vulnerability_id VCID-aeh3-vzax-jqfh

summary cirrus_bitblt_cputovideo does not check if memory region is safe

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2620.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2620.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-2620

reference_id

reference_type

scores

value	0.0241
scoring_system	epss
scoring_elements	0.85019
published_at	2026-04-01T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85031
published_at	2026-04-02T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85048
published_at	2026-04-04T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85053
published_at	2026-04-07T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85075
published_at	2026-04-08T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85082
published_at	2026-04-09T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85099
published_at	2026-04-11T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85097
published_at	2026-04-12T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85093
published_at	2026-04-13T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85115
published_at	2026-04-21T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85117
published_at	2026-04-18T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85138
published_at	2026-04-24T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85147
published_at	2026-04-26T12:55:00Z

value	0.0241
scoring_system	epss
scoring_elements	0.85144
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-2620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2620

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1420484
reference_id	1420484
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1420484

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855791
reference_id	855791
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855791

reference_url	https://security.gentoo.org/glsa/201703-07
reference_id	GLSA-201703-07
reference_type
scores
url	https://security.gentoo.org/glsa/201703-07

reference_url	https://security.gentoo.org/glsa/201704-01
reference_id	GLSA-201704-01
reference_type
scores
url	https://security.gentoo.org/glsa/201704-01

reference_url	https://access.redhat.com/errata/RHSA-2017:0328
reference_id	RHSA-2017:0328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0328

reference_url	https://access.redhat.com/errata/RHSA-2017:0329
reference_id	RHSA-2017:0329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0329

reference_url	https://access.redhat.com/errata/RHSA-2017:0330
reference_id	RHSA-2017:0330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0330

reference_url	https://access.redhat.com/errata/RHSA-2017:0331
reference_id	RHSA-2017:0331
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0331

reference_url	https://access.redhat.com/errata/RHSA-2017:0332
reference_id	RHSA-2017:0332
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0332

reference_url	https://access.redhat.com/errata/RHSA-2017:0333
reference_id	RHSA-2017:0333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0333

reference_url	https://access.redhat.com/errata/RHSA-2017:0334
reference_id	RHSA-2017:0334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0334

reference_url	https://access.redhat.com/errata/RHSA-2017:0350
reference_id	RHSA-2017:0350
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0350

reference_url	https://access.redhat.com/errata/RHSA-2017:0351
reference_id	RHSA-2017:0351
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0351

reference_url	https://access.redhat.com/errata/RHSA-2017:0352
reference_id	RHSA-2017:0352
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0352

reference_url	https://access.redhat.com/errata/RHSA-2017:0396
reference_id	RHSA-2017:0396
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0396

reference_url	https://access.redhat.com/errata/RHSA-2017:0454
reference_id	RHSA-2017:0454
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0454

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

reference_url	https://xenbits.xen.org/xsa/advisory-209.html
reference_id	XSA-209
reference_type
scores
url	https://xenbits.xen.org/xsa/advisory-209.html

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-2620, XSA-209

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aeh3-vzax-jqfh

url VCID-e1j4-fhej-23hp

vulnerability_id VCID-e1j4-fhej-23hp

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could the worst of which could lead to arbitrary code execution, or
    cause a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2630.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2630.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-2630

reference_id

reference_type

scores

value	0.01134
scoring_system	epss
scoring_elements	0.78294
published_at	2026-04-01T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78301
published_at	2026-04-02T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78332
published_at	2026-04-04T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78314
published_at	2026-04-07T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.7834
published_at	2026-04-08T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78346
published_at	2026-04-09T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78373
published_at	2026-04-21T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78355
published_at	2026-04-12T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78348
published_at	2026-04-13T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78377
published_at	2026-04-16T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78376
published_at	2026-04-18T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78407
published_at	2026-04-24T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78415
published_at	2026-04-26T12:55:00Z

value	0.01134
scoring_system	epss
scoring_elements	0.78431
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-2630

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2630
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2630

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1422415
reference_id	1422415
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1422415

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855227
reference_id	855227
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855227

reference_url	https://security.gentoo.org/glsa/201704-01
reference_id	GLSA-201704-01
reference_type
scores
url	https://security.gentoo.org/glsa/201704-01

reference_url	https://access.redhat.com/errata/RHSA-2017:2392
reference_id	RHSA-2017:2392
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2392

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-2630

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e1j4-fhej-23hp

url VCID-ecu9-p9zb-dugs

vulnerability_id VCID-ecu9-p9zb-dugs

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could the worst of which could lead to arbitrary code execution, or
    cause a Denial of Service condition.

references

reference_url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=6e86d90352adf6cb08295255220295cf23c4286e
reference_id
reference_type
scores
url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=6e86d90352adf6cb08295255220295cf23c4286e

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5987.json

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5987.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5987

reference_id

reference_type

scores

value	0.00066
scoring_system	epss
scoring_elements	0.20329
published_at	2026-04-01T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.2015
published_at	2026-04-29T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20311
published_at	2026-04-21T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.2019
published_at	2026-04-24T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20184
published_at	2026-04-26T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20471
published_at	2026-04-02T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20531
published_at	2026-04-04T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20255
published_at	2026-04-07T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20336
published_at	2026-04-08T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20394
published_at	2026-04-09T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20424
published_at	2026-04-11T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20379
published_at	2026-04-12T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20323
published_at	2026-04-13T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20312
published_at	2026-04-16T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20314
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5987

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5987
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5987

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.5
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg02776.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg02776.html

reference_url	http://www.openwall.com/lists/oss-security/2017/02/14/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/14/8

reference_url	http://www.securityfocus.com/bid/96263
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96263

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1421995
reference_id	1421995
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1421995

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855159
reference_id	855159
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855159

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc0::::::
reference_id	cpe:2.3:a:qemu:qemu:2.9.0:rc0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc1::::::
reference_id	cpe:2.3:a:qemu:qemu:2.9.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc2::::::
reference_id	cpe:2.3:a:qemu:qemu:2.9.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc3::::::
reference_id	cpe:2.3:a:qemu:qemu:2.9.0:rc3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc4::::::
reference_id	cpe:2.3:a:qemu:qemu:2.9.0:rc4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.9.0:rc4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5987

reference_id

CVE-2017-5987

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5987

reference_url	https://security.gentoo.org/glsa/201704-01
reference_id	GLSA-201704-01
reference_type
scores
url	https://security.gentoo.org/glsa/201704-01

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

reference_url	https://usn.ubuntu.com/3268-1/
reference_id	USN-3268-1
reference_type
scores
url	https://usn.ubuntu.com/3268-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-5987

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ecu9-p9zb-dugs

url VCID-eu39-te5g-dyf9

vulnerability_id VCID-eu39-te5g-dyf9

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could the worst of which could lead to arbitrary code execution, or
    cause a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9602.json

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9602.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9602

reference_id

reference_type

scores

value	0.01302
scoring_system	epss
scoring_elements	0.79692
published_at	2026-04-01T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79824
published_at	2026-04-29T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79769
published_at	2026-04-18T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79773
published_at	2026-04-21T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79802
published_at	2026-04-24T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79809
published_at	2026-04-26T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79699
published_at	2026-04-02T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.7972
published_at	2026-04-04T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79705
published_at	2026-04-07T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79734
published_at	2026-04-08T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79741
published_at	2026-04-09T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79762
published_at	2026-04-11T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79747
published_at	2026-04-12T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.7974
published_at	2026-04-13T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.79768
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9602

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9602
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9602

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06225.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06225.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04347.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04347.html

reference_url	http://www.openwall.com/lists/oss-security/2017/01/17/12
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/01/17/12

reference_url	http://www.securityfocus.com/bid/95461
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/95461

reference_url	http://www.securitytracker.com/id/1037604
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037604

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1413929
reference_id	1413929
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1413929

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853006
reference_id	853006
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853006

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-9602

reference_id

CVE-2016-9602

reference_type

scores

value	9.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:C/I:C/A:C

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-9602

reference_url	https://security.gentoo.org/glsa/201704-01
reference_id	GLSA-201704-01
reference_type
scores
url	https://security.gentoo.org/glsa/201704-01

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

reference_url	https://usn.ubuntu.com/3268-1/
reference_id	USN-3268-1
reference_type
scores
url	https://usn.ubuntu.com/3268-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2016-9602

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eu39-te5g-dyf9

url VCID-g3p8-5y7v-1ubk

vulnerability_id VCID-g3p8-5y7v-1ubk

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could cause a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7907.json

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7907.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-7907

reference_id

reference_type

scores

value	0.00112
scoring_system	epss
scoring_elements	0.29737
published_at	2026-04-01T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29783
published_at	2026-04-02T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.2983
published_at	2026-04-04T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29645
published_at	2026-04-07T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29708
published_at	2026-04-08T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29744
published_at	2026-04-09T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29747
published_at	2026-04-11T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29702
published_at	2026-04-12T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29651
published_at	2026-04-13T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29668
published_at	2026-04-16T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29646
published_at	2026-04-18T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29601
published_at	2026-04-21T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29521
published_at	2026-04-24T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29407
published_at	2026-04-26T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29343
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-7907

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7907
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7907

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1327206
reference_id	1327206
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1327206

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839986
reference_id	839986
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839986

reference_url	https://security.gentoo.org/glsa/201611-11
reference_id	GLSA-201611-11
reference_type
scores
url	https://security.gentoo.org/glsa/201611-11

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2016-7907

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g3p8-5y7v-1ubk

url VCID-gagc-4hh8-hkhb

vulnerability_id VCID-gagc-4hh8-hkhb

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could the worst of which could lead to arbitrary code execution, or
    cause a Denial of Service condition.

references

reference_url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=f89b60f6e5fee3923bedf80e82b4e5efc1bb156b
reference_id
reference_type
scores
url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=f89b60f6e5fee3923bedf80e82b4e5efc1bb156b

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5973.json

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5973.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5973

reference_id

reference_type

scores

value	0.00095
scoring_system	epss
scoring_elements	0.26386
published_at	2026-04-01T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26095
published_at	2026-04-29T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26224
published_at	2026-04-21T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26149
published_at	2026-04-24T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26146
published_at	2026-04-26T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26437
published_at	2026-04-02T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26481
published_at	2026-04-04T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26256
published_at	2026-04-07T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26323
published_at	2026-04-08T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26375
published_at	2026-04-09T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26384
published_at	2026-04-11T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26338
published_at	2026-04-12T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26279
published_at	2026-04-13T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26285
published_at	2026-04-16T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.2626
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5973

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5973
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5973

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01101.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01101.html

reference_url	http://www.openwall.com/lists/oss-security/2017/02/13/11
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/13/11

reference_url	http://www.securityfocus.com/bid/96220
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96220

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1421626
reference_id	1421626
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1421626

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855611
reference_id	855611
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855611

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:::::::*
reference_id	cpe:2.3:a:redhat:openstack:10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:11:::::::*
reference_id	cpe:2.3:a:redhat:openstack:11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:::::::*
reference_id	cpe:2.3:a:redhat:openstack:8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:9:::::::*
reference_id	cpe:2.3:a:redhat:openstack:9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:::::::*
reference_id	cpe:2.3:a:redhat:virtualization:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5973

reference_id

CVE-2017-5973

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5973

reference_url	https://security.gentoo.org/glsa/201704-01
reference_id	GLSA-201704-01
reference_type
scores
url	https://security.gentoo.org/glsa/201704-01

reference_url	https://access.redhat.com/errata/RHSA-2017:2392
reference_id	RHSA-2017:2392
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2392

reference_url	https://access.redhat.com/errata/RHSA-2017:2408
reference_id	RHSA-2017:2408
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2408

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-5973

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gagc-4hh8-hkhb

url VCID-j84y-1e8t-3ygv

vulnerability_id VCID-j84y-1e8t-3ygv

summary oob access in cirrus bitblt copy

references

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0309.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0309.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0328.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0328.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0329.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0329.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0330.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0330.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0331.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0331.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0332.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0332.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0333.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0333.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0334.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0334.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0344.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0344.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0350.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0350.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0396.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0396.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0454.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0454.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2615.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2615.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-2615

reference_id

reference_type

scores

value	0.0101
scoring_system	epss
scoring_elements	0.7704
published_at	2026-04-01T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77189
published_at	2026-04-29T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77143
published_at	2026-04-18T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77134
published_at	2026-04-21T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77169
published_at	2026-04-24T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77175
published_at	2026-04-26T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77046
published_at	2026-04-02T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77075
published_at	2026-04-04T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77056
published_at	2026-04-07T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77088
published_at	2026-04-08T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77098
published_at	2026-04-09T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77126
published_at	2026-04-11T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77106
published_at	2026-04-12T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77101
published_at	2026-04-13T12:55:00Z

value	0.0101
scoring_system	epss
scoring_elements	0.77141
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-2615

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2615

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html

reference_url	https://support.citrix.com/article/CTX220771
reference_id
reference_type
scores
url	https://support.citrix.com/article/CTX220771

reference_url	http://www.openwall.com/lists/oss-security/2017/02/01/6
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/01/6

reference_url	http://www.securityfocus.com/bid/95990
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/95990

reference_url	http://www.securitytracker.com/id/1037804
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037804

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1418200
reference_id	1418200
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1418200

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854731
reference_id	854731
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854731

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0.2:::::::*
reference_id	cpe:2.3:a:citrix:xenserver:6.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.2.0:sp1::::::
reference_id	cpe:2.3:a:citrix:xenserver:6.2.0:sp1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.2.0:sp1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.5:sp1::::::
reference_id	cpe:2.3:a:citrix:xenserver:6.5:sp1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.5:sp1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.0:::::::*
reference_id	cpe:2.3:a:citrix:xenserver:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.1:::::::*
reference_id	cpe:2.3:a:citrix:xenserver:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:::::::*
reference_id	cpe:2.3:a:redhat:openstack:10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:::::::*
reference_id	cpe:2.3:a:redhat:openstack:8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:9:::::::*
reference_id	cpe:2.3:a:redhat:openstack:9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen::::::::
reference_id	cpe:2.3:o:xen:xen::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r1::::::
reference_id	cpe:2.3:o:xen:xen:4.7.1:r1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r2::::::
reference_id	cpe:2.3:o:xen:xen:4.7.1:r2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r3::::::
reference_id	cpe:2.3:o:xen:xen:4.7.1:r3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r4::::::
reference_id	cpe:2.3:o:xen:xen:4.7.1:r4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r4::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-2615

reference_id

CVE-2017-2615

reference_type

scores

value	9.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:C/I:C/A:C

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-2615

reference_url	https://security.gentoo.org/glsa/201702-27
reference_id	GLSA-201702-27
reference_type
scores
url	https://security.gentoo.org/glsa/201702-27

reference_url	https://security.gentoo.org/glsa/201702-28
reference_id	GLSA-201702-28
reference_type
scores
url	https://security.gentoo.org/glsa/201702-28

reference_url	https://access.redhat.com/errata/RHSA-2017:0309
reference_id	RHSA-2017:0309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0309

reference_url	https://access.redhat.com/errata/RHSA-2017:0328
reference_id	RHSA-2017:0328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0328

reference_url	https://access.redhat.com/errata/RHSA-2017:0329
reference_id	RHSA-2017:0329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0329

reference_url	https://access.redhat.com/errata/RHSA-2017:0330
reference_id	RHSA-2017:0330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0330

reference_url	https://access.redhat.com/errata/RHSA-2017:0331
reference_id	RHSA-2017:0331
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0331

reference_url	https://access.redhat.com/errata/RHSA-2017:0332
reference_id	RHSA-2017:0332
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0332

reference_url	https://access.redhat.com/errata/RHSA-2017:0333
reference_id	RHSA-2017:0333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0333

reference_url	https://access.redhat.com/errata/RHSA-2017:0334
reference_id	RHSA-2017:0334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0334

reference_url	https://access.redhat.com/errata/RHSA-2017:0344
reference_id	RHSA-2017:0344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0344

reference_url	https://access.redhat.com/errata/RHSA-2017:0350
reference_id	RHSA-2017:0350
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0350

reference_url	https://access.redhat.com/errata/RHSA-2017:0396
reference_id	RHSA-2017:0396
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0396

reference_url	https://access.redhat.com/errata/RHSA-2017:0454
reference_id	RHSA-2017:0454
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0454

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

reference_url	https://xenbits.xen.org/xsa/advisory-208.html
reference_id	XSA-208
reference_type
scores
url	https://xenbits.xen.org/xsa/advisory-208.html

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-2615, XSA-208

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j84y-1e8t-3ygv

url VCID-qtkd-pv6z-pkdf

vulnerability_id VCID-qtkd-pv6z-pkdf

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to the execution of arbitrary code on the host system.

references

reference_url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=a08aaff811fb194950f79711d2afe5a892ae03a4
reference_id
reference_type
scores
url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=a08aaff811fb194950f79711d2afe5a892ae03a4

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5931.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5931.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5931

reference_id

reference_type

scores

value	0.00221
scoring_system	epss
scoring_elements	0.4468
published_at	2026-04-01T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44586
published_at	2026-04-29T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44658
published_at	2026-04-24T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44665
published_at	2026-04-26T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.4476
published_at	2026-04-02T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44781
published_at	2026-04-04T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.4472
published_at	2026-04-07T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44773
published_at	2026-04-08T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44775
published_at	2026-04-09T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44792
published_at	2026-04-11T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44761
published_at	2026-04-12T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44763
published_at	2026-04-13T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44816
published_at	2026-04-16T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44809
published_at	2026-04-18T12:55:00Z

value	0.00221
scoring_system	epss
scoring_elements	0.44739
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5931

reference_url	https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01368.html
reference_id
reference_type
scores
url	https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01368.html

reference_url	http://www.openwall.com/lists/oss-security/2017/02/08/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/08/2

reference_url	http://www.securityfocus.com/bid/96141
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96141

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1420092
reference_id	1420092
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1420092

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854730
reference_id	854730
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854730

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5931

reference_id

CVE-2017-5931

reference_type

scores

value	7.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5931

reference_url	https://security.gentoo.org/glsa/201702-28
reference_id	GLSA-201702-28
reference_type
scores
url	https://security.gentoo.org/glsa/201702-28

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-5931

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtkd-pv6z-pkdf

url VCID-ssft-w1t3-9kc9

vulnerability_id VCID-ssft-w1t3-9kc9

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to the execution of arbitrary code on the host system.

references

reference_url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=765a707000e838c30b18d712fe6cb3dd8e0435f3
reference_id
reference_type
scores
url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=765a707000e838c30b18d712fe6cb3dd8e0435f3

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5856.json

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5856.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5856

reference_id

reference_type

scores

value	0.00143
scoring_system	epss
scoring_elements	0.34282
published_at	2026-04-01T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34029
published_at	2026-04-29T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34511
published_at	2026-04-21T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34135
published_at	2026-04-24T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34114
published_at	2026-04-26T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34621
published_at	2026-04-02T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34647
published_at	2026-04-04T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34516
published_at	2026-04-07T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34558
published_at	2026-04-08T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34587
published_at	2026-04-09T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34589
published_at	2026-04-11T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.3455
published_at	2026-04-12T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34525
published_at	2026-04-13T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34564
published_at	2026-04-16T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34549
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5856

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

reference_url	http://www.openwall.com/lists/oss-security/2017/02/01/19
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/01/19

reference_url	http://www.openwall.com/lists/oss-security/2017/02/02/14
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/02/14

reference_url	http://www.securityfocus.com/bid/95999
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/95999

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1418342
reference_id	1418342
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1418342

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996
reference_id	853996
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5856

reference_id

CVE-2017-5856

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:C

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5856

reference_url	https://security.gentoo.org/glsa/201702-28
reference_id	GLSA-201702-28
reference_type
scores
url	https://security.gentoo.org/glsa/201702-28

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-5856

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssft-w1t3-9kc9

url VCID-wqwh-zgp4-ske3

vulnerability_id VCID-wqwh-zgp4-ske3

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to the execution of arbitrary code on the host system.

references

reference_url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=5e8e3c4c75c199aa1017db816fca02be2a9f8798
reference_id
reference_type
scores
url	http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=5e8e3c4c75c199aa1017db816fca02be2a9f8798

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5857.json

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5857.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5857

reference_id

reference_type

scores

value	0.00143
scoring_system	epss
scoring_elements	0.34282
published_at	2026-04-01T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34029
published_at	2026-04-29T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34511
published_at	2026-04-21T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34135
published_at	2026-04-24T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34114
published_at	2026-04-26T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34621
published_at	2026-04-02T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34647
published_at	2026-04-04T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34516
published_at	2026-04-07T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34558
published_at	2026-04-08T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34587
published_at	2026-04-09T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34589
published_at	2026-04-11T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.3455
published_at	2026-04-12T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34525
published_at	2026-04-13T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34564
published_at	2026-04-16T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34549
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5857

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.openwall.com/lists/oss-security/2017/02/01/21
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/01/21

reference_url	http://www.openwall.com/lists/oss-security/2017/02/02/16
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/02/16

reference_url	http://www.securityfocus.com/bid/95993
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/95993

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1418382
reference_id	1418382
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1418382

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996
reference_id	853996
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5857

reference_id

CVE-2017-5857

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:C

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5857

reference_url	https://security.gentoo.org/glsa/201702-28
reference_id	GLSA-201702-28
reference_type
scores
url	https://security.gentoo.org/glsa/201702-28

reference_url	https://usn.ubuntu.com/3261-1/
reference_id	USN-3261-1
reference_type
scores
url	https://usn.ubuntu.com/3261-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:2.8%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2017-5857

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wqwh-zgp4-ske3

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-3%3Fdistro=trixie

Package Instance