{"url":"http://public2.vulnerablecode.io/api/packages/937416?format=json","purl":"pkg:deb/debian/radare2@2.1.0%2Bdfsg-1?distro=sid","type":"deb","namespace":"debian","name":"radare2","version":"2.1.0+dfsg-1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.6.0+dfsg-1","latest_non_vulnerable_version":"6.0.7+ds-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168335?format=json","vulnerability_id":"VCID-41wv-efp7-23cn","summary":"In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper sh_size validation when allocating memory.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16357","reference_id":"","reference_type":"","scores":[{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43703","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43823","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43943","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43991","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44014","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43944","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43995","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43998","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44013","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.4398","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43965","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44026","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44017","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43953","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43904","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43908","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16357"},{"reference_url":"https://github.com/radare/radare2/commit/0b973e28166636e0ff1fad80baa0385c9c09c53a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/0b973e28166636e0ff1fad80baa0385c9c09c53a"},{"reference_url":"https://github.com/radare/radare2/issues/8742","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/8742"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880620","reference_id":"880620","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880620"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16357","reference_id":"CVE-2017-16357","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16357"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937416?format=json","purl":"pkg:deb/debian/radare2@2.1.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@2.1.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-16357"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41wv-efp7-23cn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168337?format=json","vulnerability_id":"VCID-7p7w-jwbj-guea","summary":"In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16359","reference_id":"","reference_type":"","scores":[{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40834","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40973","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41149","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41241","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.4127","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41196","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41244","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41252","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41274","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41242","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41228","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41272","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41243","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41171","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41059","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41054","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16359"},{"reference_url":"https://github.com/radare/radare2/commit/62e39f34b2705131a2d08aff0c2e542c6a52cf0e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/62e39f34b2705131a2d08aff0c2e542c6a52cf0e"},{"reference_url":"https://github.com/radare/radare2/commit/d21e91f075a7a7a8ed23baa5c1bb1fac48313882","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/d21e91f075a7a7a8ed23baa5c1bb1fac48313882"},{"reference_url":"https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d"},{"reference_url":"https://github.com/radare/radare2/issues/8764","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/8764"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880616","reference_id":"880616","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880616"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16359","reference_id":"CVE-2017-16359","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16359"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937416?format=json","purl":"pkg:deb/debian/radare2@2.1.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@2.1.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-16359"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7p7w-jwbj-guea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/167934?format=json","vulnerability_id":"VCID-8bzm-ye49-w7fc","summary":"The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c in radare2 2.0.0 allows remote attackers to cause a denial of service (r_read_le16 invalid write and application crash) or possibly have unspecified other impact via a crafted ELF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15385","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.5159","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51644","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51601","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51652","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51677","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51637","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51692","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51688","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51737","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51715","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51698","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51739","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51746","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51726","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51684","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15385"},{"reference_url":"https://github.com/radare/radare2/commit/21a6f570ba33fa9f52f1bba87f07acc4e8c178f4","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/21a6f570ba33fa9f52f1bba87f07acc4e8c178f4"},{"reference_url":"https://github.com/radare/radare2/issues/8685","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/8685"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879119","reference_id":"879119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879119"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15385","reference_id":"CVE-2017-15385","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937416?format=json","purl":"pkg:deb/debian/radare2@2.1.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@2.1.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-15385"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8bzm-ye49-w7fc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168569?format=json","vulnerability_id":"VCID-hvrq-x6mt-nuad","summary":"In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file, related to r_bin_dwarf_parse_comp_unit in dwarf.c and sdb_set_internal in shlr/sdb/src/sdb.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16805","reference_id":"","reference_type":"","scores":[{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.41956","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42098","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42241","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42316","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42345","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42286","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42334","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42342","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42365","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42328","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.423","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.4235","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42326","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42253","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42185","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.4218","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16805"},{"reference_url":"https://github.com/radare/radare2/commit/2ca9ab45891b6ae8e32b6c28c81eebca059cbe5d","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/2ca9ab45891b6ae8e32b6c28c81eebca059cbe5d"},{"reference_url":"https://github.com/radare/radare2/issues/8813","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/8813"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882134","reference_id":"882134","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882134"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16805","reference_id":"CVE-2017-16805","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16805"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937416?format=json","purl":"pkg:deb/debian/radare2@2.1.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@2.1.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-16805"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hvrq-x6mt-nuad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168336?format=json","vulnerability_id":"VCID-pqrq-1jus-tkep","summary":"In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16358","reference_id":"","reference_type":"","scores":[{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39698","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39827","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.4004","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40189","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40214","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40137","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.4019","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40201","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40213","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40176","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40157","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40207","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40177","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40099","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39924","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39908","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16358"},{"reference_url":"https://github.com/radare/radare2/commit/d31c4d3cbdbe01ea3ded16a584de94149ecd31d9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/d31c4d3cbdbe01ea3ded16a584de94149ecd31d9"},{"reference_url":"https://github.com/radare/radare2/issues/8748","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/8748"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880619","reference_id":"880619","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880619"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16358","reference_id":"CVE-2017-16358","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16358"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937416?format=json","purl":"pkg:deb/debian/radare2@2.1.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@2.1.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-16358"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pqrq-1jus-tkep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/167923?format=json","vulnerability_id":"VCID-qtjk-bakx-nyar","summary":"The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted WASM file that triggers an incorrect r_hex_bin2str call.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15368","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46609","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46744","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46699","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46738","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46758","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46706","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46761","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.4676","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46783","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46755","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46762","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46818","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46815","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15368"},{"reference_url":"https://github.com/radare/radare2/commit/52b1526443c1f433087928291d1c3d37a5600515","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/52b1526443c1f433087928291d1c3d37a5600515"},{"reference_url":"https://github.com/radare/radare2/issues/8673","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/8673"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878767","reference_id":"878767","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878767"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15368","reference_id":"CVE-2017-15368","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15368"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937416?format=json","purl":"pkg:deb/debian/radare2@2.1.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@2.1.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-15368"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qtjk-bakx-nyar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168169?format=json","vulnerability_id":"VCID-wqu2-yhcs-tqgh","summary":"In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15932","reference_id":"","reference_type":"","scores":[{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42541","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42681","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42784","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42854","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42881","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42871","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42884","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42906","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42914","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42902","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.4284","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42764","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15932"},{"reference_url":"https://github.com/radare/radare2/commit/44ded3ff35b8264f54b5a900cab32ec489d9e5b9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/44ded3ff35b8264f54b5a900cab32ec489d9e5b9"},{"reference_url":"https://github.com/radare/radare2/issues/8743","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/8743"},{"reference_url":"http://www.securityfocus.com/bid/101614","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101614"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880024","reference_id":"880024","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880024"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15932","reference_id":"CVE-2017-15932","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15932"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937416?format=json","purl":"pkg:deb/debian/radare2@2.1.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@2.1.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-15932"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wqu2-yhcs-tqgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168168?format=json","vulnerability_id":"VCID-x9x1-xeec-z7ej","summary":"In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15931","reference_id":"","reference_type":"","scores":[{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42541","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42681","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42784","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42854","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42881","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42871","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42884","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42906","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42914","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42902","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.4284","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42764","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15931"},{"reference_url":"https://github.com/radare/radare2/commit/c6d0076c924891ad9948a62d89d0bcdaf965f0cd","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/c6d0076c924891ad9948a62d89d0bcdaf965f0cd"},{"reference_url":"https://github.com/radare/radare2/issues/8731","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/8731"},{"reference_url":"http://www.securityfocus.com/bid/101609","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101609"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880025","reference_id":"880025","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880025"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15931","reference_id":"CVE-2017-15931","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15931"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937416?format=json","purl":"pkg:deb/debian/radare2@2.1.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@2.1.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-15931"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x9x1-xeec-z7ej"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@2.1.0%252Bdfsg-1%3Fdistro=sid"}