{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179023?format=json","vulnerability_id":"VCID-2728-2u4s-z7fy","summary":"Multiple vulnerabilities have been found in Adobe Flash Player, the\n    worst of which allows remote attackers to execute arbitrary code.","aliases":[{"alias":"CVE-2017-3106"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/3907?format=json","purl":"pkg:ebuild/www-plugins/adobe-flash@27.0.0.130-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-plugins/adobe-flash@27.0.0.130-r1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/353060?format=json","purl":"pkg:rpm/redhat/flash-plugin@26.0.0.151-1?arch=el6_9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2728-2u4s-z7fy"},{"vulnerability":"VCID-hhvc-ftnx-ebg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@26.0.0.151-1%3Farch=el6_9"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3106.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3106.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3106","reference_id":"","reference_type":"","scores":[{"value":"0.53254","scoring_system":"epss","scoring_elements":"0.98033","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3106"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479887","reference_id":"1479887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479887"},{"reference_url":"https://security.gentoo.org/glsa/201709-16","reference_id":"GLSA-201709-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2457","reference_id":"RHSA-2017:2457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2457"}],"weaknesses":[{"cwe_id":843,"name":"Access of Resource Using Incompatible Type ('Type Confusion')","description":"The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type."}],"exploits":[],"severity_range_score":"8.8 - 8.8","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2728-2u4s-z7fy"}