{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6428?format=json","vulnerability_id":"VCID-mjqq-2svg-gkav","summary":"arbitrary code execution","aliases":[{"alias":"CVE-2017-14687"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/3206?format=json","purl":"pkg:alpm/archlinux/libmupdf@1.11-5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libmupdf@1.11-5"},{"url":"http://public2.vulnerablecode.io/api/packages/3199?format=json","purl":"pkg:alpm/archlinux/zathura-pdf-mupdf@0.3.1-4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/zathura-pdf-mupdf@0.3.1-4"},{"url":"http://public2.vulnerablecode.io/api/packages/4817?format=json","purl":"pkg:deb/debian/mupdf@1.9a%2Bds1-4%2Bdeb9u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27r3-qhsg-j7b1"},{"vulnerability":"VCID-2jdf-swhe-xkf2"},{"vulnerability":"VCID-2smv-bq3w-vfa2"},{"vulnerability":"VCID-6va3-9nen-9qbw"},{"vulnerability":"VCID-8c9e-jm6p-5fgy"},{"vulnerability":"VCID-9jut-tgq2-6bdf"},{"vulnerability":"VCID-dved-27bk-n3eu"},{"vulnerability":"VCID-mjqq-2svg-gkav"},{"vulnerability":"VCID-s83n-8epd-xfd9"},{"vulnerability":"VCID-x8qv-br1c-zkfx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@1.9a%252Bds1-4%252Bdeb9u4"},{"url":"http://public2.vulnerablecode.io/api/packages/117065?format=json","purl":"pkg:deb/debian/mupdf@1.11%2Bds1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@1.11%252Bds1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/5635?format=json","purl":"pkg:deb/debian/mupdf@1.14.0%2Bds1-4%2Bdeb10u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@1.14.0%252Bds1-4%252Bdeb10u3"},{"url":"http://public2.vulnerablecode.io/api/packages/117050?format=json","purl":"pkg:deb/debian/mupdf@1.17.0%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qfb-3yg4-wqe7"},{"vulnerability":"VCID-d27u-mj5y-3bej"},{"vulnerability":"VCID-gr3v-fmss-b7b3"},{"vulnerability":"VCID-nvs2-uvec-5bfn"},{"vulnerability":"VCID-vyk8-39su-nybw"},{"vulnerability":"VCID-vztz-cmzt-dfg4"},{"vulnerability":"VCID-w4m2-5r7t-3ba8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@1.17.0%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117048?format=json","purl":"pkg:deb/debian/mupdf@1.21.1%2Bds2-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qfb-3yg4-wqe7"},{"vulnerability":"VCID-d27u-mj5y-3bej"},{"vulnerability":"VCID-vyk8-39su-nybw"},{"vulnerability":"VCID-vztz-cmzt-dfg4"},{"vulnerability":"VCID-w4m2-5r7t-3ba8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@1.21.1%252Bds2-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117052?format=json","purl":"pkg:deb/debian/mupdf@1.25.1%2Bds1-6%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qfb-3yg4-wqe7"},{"vulnerability":"VCID-6aqr-f9ab-zffp"},{"vulnerability":"VCID-vyk8-39su-nybw"},{"vulnerability":"VCID-vztz-cmzt-dfg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@1.25.1%252Bds1-6%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117051?format=json","purl":"pkg:deb/debian/mupdf@1.27.0%2Bds1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@1.27.0%252Bds1-6%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/3205?format=json","purl":"pkg:alpm/archlinux/libmupdf@1.11-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jdf-swhe-xkf2"},{"vulnerability":"VCID-2smv-bq3w-vfa2"},{"vulnerability":"VCID-dved-27bk-n3eu"},{"vulnerability":"VCID-mjqq-2svg-gkav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libmupdf@1.11-4"},{"url":"http://public2.vulnerablecode.io/api/packages/3198?format=json","purl":"pkg:alpm/archlinux/zathura-pdf-mupdf@0.3.1-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jdf-swhe-xkf2"},{"vulnerability":"VCID-2smv-bq3w-vfa2"},{"vulnerability":"VCID-dved-27bk-n3eu"},{"vulnerability":"VCID-mjqq-2svg-gkav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/zathura-pdf-mupdf@0.3.1-3"},{"url":"http://public2.vulnerablecode.io/api/packages/4560?format=json","purl":"pkg:deb/debian/mupdf@0.9-2%2Bdeb7u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27r3-qhsg-j7b1"},{"vulnerability":"VCID-2jdf-swhe-xkf2"},{"vulnerability":"VCID-2smv-bq3w-vfa2"},{"vulnerability":"VCID-6va3-9nen-9qbw"},{"vulnerability":"VCID-8c9e-jm6p-5fgy"},{"vulnerability":"VCID-9jut-tgq2-6bdf"},{"vulnerability":"VCID-dved-27bk-n3eu"},{"vulnerability":"VCID-mjqq-2svg-gkav"},{"vulnerability":"VCID-s83n-8epd-xfd9"},{"vulnerability":"VCID-x8qv-br1c-zkfx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@0.9-2%252Bdeb7u2"},{"url":"http://public2.vulnerablecode.io/api/packages/4561?format=json","purl":"pkg:deb/debian/mupdf@1.5-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27r3-qhsg-j7b1"},{"vulnerability":"VCID-2jdf-swhe-xkf2"},{"vulnerability":"VCID-2smv-bq3w-vfa2"},{"vulnerability":"VCID-6va3-9nen-9qbw"},{"vulnerability":"VCID-8c9e-jm6p-5fgy"},{"vulnerability":"VCID-9jut-tgq2-6bdf"},{"vulnerability":"VCID-dved-27bk-n3eu"},{"vulnerability":"VCID-mjqq-2svg-gkav"},{"vulnerability":"VCID-s83n-8epd-xfd9"},{"vulnerability":"VCID-x8qv-br1c-zkfx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@1.5-1"},{"url":"http://public2.vulnerablecode.io/api/packages/4562?format=json","purl":"pkg:deb/debian/mupdf@1.5-1%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27r3-qhsg-j7b1"},{"vulnerability":"VCID-2jdf-swhe-xkf2"},{"vulnerability":"VCID-2smv-bq3w-vfa2"},{"vulnerability":"VCID-6va3-9nen-9qbw"},{"vulnerability":"VCID-8c9e-jm6p-5fgy"},{"vulnerability":"VCID-9jut-tgq2-6bdf"},{"vulnerability":"VCID-dved-27bk-n3eu"},{"vulnerability":"VCID-mjqq-2svg-gkav"},{"vulnerability":"VCID-s83n-8epd-xfd9"},{"vulnerability":"VCID-x8qv-br1c-zkfx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@1.5-1%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/4817?format=json","purl":"pkg:deb/debian/mupdf@1.9a%2Bds1-4%2Bdeb9u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27r3-qhsg-j7b1"},{"vulnerability":"VCID-2jdf-swhe-xkf2"},{"vulnerability":"VCID-2smv-bq3w-vfa2"},{"vulnerability":"VCID-6va3-9nen-9qbw"},{"vulnerability":"VCID-8c9e-jm6p-5fgy"},{"vulnerability":"VCID-9jut-tgq2-6bdf"},{"vulnerability":"VCID-dved-27bk-n3eu"},{"vulnerability":"VCID-mjqq-2svg-gkav"},{"vulnerability":"VCID-s83n-8epd-xfd9"},{"vulnerability":"VCID-x8qv-br1c-zkfx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mupdf@1.9a%252Bds1-4%252Bdeb9u4"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14687","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32974","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15587"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877379","reference_id":"877379","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877379"},{"reference_url":"https://security.archlinux.org/ASA-201711-1","reference_id":"ASA-201711-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-1"},{"reference_url":"https://security.archlinux.org/ASA-201711-2","reference_id":"ASA-201711-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-2"},{"reference_url":"https://security.archlinux.org/ASA-201711-3","reference_id":"ASA-201711-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-3"},{"reference_url":"https://security.archlinux.org/ASA-201711-4","reference_id":"ASA-201711-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-4"},{"reference_url":"https://security.archlinux.org/ASA-201711-5","reference_id":"ASA-201711-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-5"},{"reference_url":"https://security.archlinux.org/AVG-458","reference_id":"AVG-458","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-458"},{"reference_url":"https://security.archlinux.org/AVG-476","reference_id":"AVG-476","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-476"}],"weaknesses":[],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mjqq-2svg-gkav"}