Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/nomad@1.5.3-r0?arch=x86_64&distroversion=v3.18&reponame=community

Type apk

Namespace alpine

Name nomad

Version 1.5.3-r0

Qualifiers

arch	x86_64
distroversion	v3.18
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2c5h-xmk3-fkfa

vulnerability_id VCID-2c5h-xmk3-fkfa

summary

HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation
HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. This issue is fixed in version 1.5.3.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-1782

reference_id

reference_type

scores

value	0.00295
scoring_system	epss
scoring_elements	0.52755
published_at	2026-04-09T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52709
published_at	2026-04-07T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52789
published_at	2026-04-12T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52806
published_at	2026-04-11T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.5276
published_at	2026-04-08T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52773
published_at	2026-04-13T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.5695
published_at	2026-04-18T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.56953
published_at	2026-04-16T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.56927
published_at	2026-04-21T12:55:00Z

value	0.00403
scoring_system	epss
scoring_elements	0.60827
published_at	2026-04-04T12:55:00Z

value	0.00403
scoring_system	epss
scoring_elements	0.60797
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-1782

reference_url

https://discuss.hashicorp.com/t/hcsec-2023-12-nomad-unauthenticated-client-agent-http-request-privilege-escalation/52375

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T16:26:59Z/

url

https://discuss.hashicorp.com/t/hcsec-2023-12-nomad-unauthenticated-client-agent-http-request-privilege-escalation/52375

reference_url

https://github.com/hashicorp/nomad

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/hashicorp/nomad

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-1782

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-1782

fixed_packages

url	pkg:apk/alpine/nomad@1.5.3-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/nomad@1.5.3-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.5.3-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

aliases CVE-2023-1782, GHSA-f8r8-h93m-mj77

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2c5h-xmk3-fkfa

url VCID-4ufj-v5z1-huec

vulnerability_id VCID-4ufj-v5z1-huec

summary Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24534.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24534.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-24534

reference_id

reference_type

scores

value	0.00119
scoring_system	epss
scoring_elements	0.30833
published_at	2026-04-13T12:55:00Z

value	0.00119
scoring_system	epss
scoring_elements	0.30809
published_at	2026-04-21T12:55:00Z

value	0.00119
scoring_system	epss
scoring_elements	0.30844
published_at	2026-04-18T12:55:00Z

value	0.00119
scoring_system	epss
scoring_elements	0.30864
published_at	2026-04-16T12:55:00Z

value	0.00119
scoring_system	epss
scoring_elements	0.3083
published_at	2026-04-07T12:55:00Z

value	0.00119
scoring_system	epss
scoring_elements	0.30888
published_at	2026-04-08T12:55:00Z

value	0.00119
scoring_system	epss
scoring_elements	0.30918
published_at	2026-04-09T12:55:00Z

value	0.00119
scoring_system	epss
scoring_elements	0.30921
published_at	2026-04-11T12:55:00Z

value	0.00119
scoring_system	epss
scoring_elements	0.30878
published_at	2026-04-12T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33636
published_at	2026-04-02T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33669
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-24534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24534

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2184483
reference_id	2184483
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2184483

reference_url

https://go.dev/cl/481994

reference_id

481994

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/

url

https://go.dev/cl/481994

reference_url

https://go.dev/issue/58975

reference_id

58975

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/

url

https://go.dev/issue/58975

reference_url

https://pkg.go.dev/vuln/GO-2023-1704

reference_id

GO-2023-1704

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/

url

https://pkg.go.dev/vuln/GO-2023-1704

reference_url

https://security.netapp.com/advisory/ntap-20230526-0007/

reference_id

ntap-20230526-0007

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/

url

https://security.netapp.com/advisory/ntap-20230526-0007/

reference_url	https://access.redhat.com/errata/RHSA-2023:3167
reference_id	RHSA-2023:3167
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3167

reference_url	https://access.redhat.com/errata/RHSA-2023:3318
reference_id	RHSA-2023:3318
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3318

reference_url	https://access.redhat.com/errata/RHSA-2023:3319
reference_id	RHSA-2023:3319
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3319

reference_url	https://access.redhat.com/errata/RHSA-2023:3366
reference_id	RHSA-2023:3366
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3366

reference_url	https://access.redhat.com/errata/RHSA-2023:3367
reference_id	RHSA-2023:3367
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3367

reference_url	https://access.redhat.com/errata/RHSA-2023:3445
reference_id	RHSA-2023:3445
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3445

reference_url	https://access.redhat.com/errata/RHSA-2023:3450
reference_id	RHSA-2023:3450
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3450

reference_url	https://access.redhat.com/errata/RHSA-2023:3455
reference_id	RHSA-2023:3455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3455

reference_url	https://access.redhat.com/errata/RHSA-2023:3536
reference_id	RHSA-2023:3536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3536

reference_url	https://access.redhat.com/errata/RHSA-2023:3540
reference_id	RHSA-2023:3540
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3540

reference_url	https://access.redhat.com/errata/RHSA-2023:3612
reference_id	RHSA-2023:3612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3612

reference_url	https://access.redhat.com/errata/RHSA-2023:3624
reference_id	RHSA-2023:3624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3624

reference_url	https://access.redhat.com/errata/RHSA-2023:3918
reference_id	RHSA-2023:3918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3918

reference_url	https://access.redhat.com/errata/RHSA-2023:3943
reference_id	RHSA-2023:3943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3943

reference_url	https://access.redhat.com/errata/RHSA-2023:4003
reference_id	RHSA-2023:4003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4003

reference_url	https://access.redhat.com/errata/RHSA-2023:4335
reference_id	RHSA-2023:4335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4335

reference_url	https://access.redhat.com/errata/RHSA-2023:4459
reference_id	RHSA-2023:4459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4459

reference_url	https://access.redhat.com/errata/RHSA-2023:4470
reference_id	RHSA-2023:4470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4470

reference_url	https://access.redhat.com/errata/RHSA-2023:4627
reference_id	RHSA-2023:4627
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4627

reference_url	https://access.redhat.com/errata/RHSA-2023:4657
reference_id	RHSA-2023:4657
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4657

reference_url	https://access.redhat.com/errata/RHSA-2023:4664
reference_id	RHSA-2023:4664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4664

reference_url	https://access.redhat.com/errata/RHSA-2023:5964
reference_id	RHSA-2023:5964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5964

reference_url	https://access.redhat.com/errata/RHSA-2023:5976
reference_id	RHSA-2023:5976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5976

reference_url	https://access.redhat.com/errata/RHSA-2023:6346
reference_id	RHSA-2023:6346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6346

reference_url	https://access.redhat.com/errata/RHSA-2023:6363
reference_id	RHSA-2023:6363
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6363

reference_url	https://access.redhat.com/errata/RHSA-2023:6402
reference_id	RHSA-2023:6402
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6402

reference_url	https://access.redhat.com/errata/RHSA-2023:6420
reference_id	RHSA-2023:6420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6420

reference_url	https://access.redhat.com/errata/RHSA-2023:6473
reference_id	RHSA-2023:6473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6473

reference_url	https://access.redhat.com/errata/RHSA-2023:6474
reference_id	RHSA-2023:6474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6474

reference_url	https://access.redhat.com/errata/RHSA-2023:6832
reference_id	RHSA-2023:6832
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6832

reference_url	https://access.redhat.com/errata/RHSA-2023:6938
reference_id	RHSA-2023:6938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6938

reference_url	https://access.redhat.com/errata/RHSA-2023:6939
reference_id	RHSA-2023:6939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6939

reference_url	https://access.redhat.com/errata/RHSA-2024:2944
reference_id	RHSA-2024:2944
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2944

reference_url	https://usn.ubuntu.com/6038-1/
reference_id	USN-6038-1
reference_type
scores
url	https://usn.ubuntu.com/6038-1/

reference_url	https://usn.ubuntu.com/6038-2/
reference_id	USN-6038-2
reference_type
scores
url	https://usn.ubuntu.com/6038-2/

reference_url	https://usn.ubuntu.com/6140-1/
reference_id	USN-6140-1
reference_type
scores
url	https://usn.ubuntu.com/6140-1/

reference_url

https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8

reference_id

Xdv6JL9ENs8

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/

url

https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8

fixed_packages

url	pkg:apk/alpine/nomad@1.5.3-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/nomad@1.5.3-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.5.3-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

aliases CVE-2023-24534

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ufj-v5z1-huec

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.5.3-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

Package Instance