Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/podman@1.6.4-26?arch=el7_9
Typerpm
Namespaceredhat
Namepodman
Version1.6.4-26
Qualifiers
arch el7_9
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-ckg3-5czq-t7ek
vulnerability_id VCID-ckg3-5czq-t7ek
summary 
Information disclosure in podman
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14370.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14370.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14370
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.39251
published_at 2026-04-21T12:55:00Z
1
value 0.00177
scoring_system epss
scoring_elements 0.39164
published_at 2026-04-01T12:55:00Z
2
value 0.00177
scoring_system epss
scoring_elements 0.39351
published_at 2026-04-02T12:55:00Z
3
value 0.00177
scoring_system epss
scoring_elements 0.39374
published_at 2026-04-04T12:55:00Z
4
value 0.00177
scoring_system epss
scoring_elements 0.39288
published_at 2026-04-07T12:55:00Z
5
value 0.00177
scoring_system epss
scoring_elements 0.39343
published_at 2026-04-08T12:55:00Z
6
value 0.00177
scoring_system epss
scoring_elements 0.3936
published_at 2026-04-09T12:55:00Z
7
value 0.00177
scoring_system epss
scoring_elements 0.39371
published_at 2026-04-11T12:55:00Z
8
value 0.00177
scoring_system epss
scoring_elements 0.39332
published_at 2026-04-12T12:55:00Z
9
value 0.00177
scoring_system epss
scoring_elements 0.39314
published_at 2026-04-13T12:55:00Z
10
value 0.00177
scoring_system epss
scoring_elements 0.39366
published_at 2026-04-16T12:55:00Z
11
value 0.00177
scoring_system epss
scoring_elements 0.39338
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14370
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1874268
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1874268
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14370
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14370
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/containers/podman
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman
6
reference_url https://github.com/containers/podman/commit/a7e864e6e7de894d4edde4fff00e53dc6a0b5074
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman/commit/a7e864e6e7de894d4edde4fff00e53dc6a0b5074
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14370
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14370
11
reference_url https://security.archlinux.org/ASA-202009-11
reference_id ASA-202009-11
reference_type
scores
url https://security.archlinux.org/ASA-202009-11
12
reference_url https://security.archlinux.org/AVG-1233
reference_id AVG-1233
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1233
13
reference_url https://access.redhat.com/errata/RHSA-2020:4297
reference_id RHSA-2020:4297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4297
14
reference_url https://access.redhat.com/errata/RHSA-2020:5056
reference_id RHSA-2020:5056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5056
15
reference_url https://access.redhat.com/errata/RHSA-2021:0531
reference_id RHSA-2021:0531
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0531
fixed_packages
aliases CVE-2020-14370, GHSA-c3wv-qmjj-45r6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ckg3-5czq-t7ek
1
url VCID-n82z-sfd6-x3af
vulnerability_id VCID-n82z-sfd6-x3af
summary 
golang.org/x/text Infinite loop
Go version v0.3.3 of the x/text package fixes a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

### Specific Go Packages Affected
golang.org/x/text/encoding/unicode
golang.org/x/text/transform
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14040
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.00685
published_at 2026-04-21T12:55:00Z
1
value 8e-05
scoring_system epss
scoring_elements 0.00653
published_at 2026-04-11T12:55:00Z
2
value 8e-05
scoring_system epss
scoring_elements 0.00644
published_at 2026-04-18T12:55:00Z
3
value 8e-05
scoring_system epss
scoring_elements 0.00639
published_at 2026-04-16T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.00648
published_at 2026-04-13T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00646
published_at 2026-04-12T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00663
published_at 2026-04-01T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00667
published_at 2026-04-02T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00659
published_at 2026-04-04T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00662
published_at 2026-04-07T12:55:00Z
10
value 8e-05
scoring_system epss
scoring_elements 0.00661
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14040
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/golang/go/issues/39491
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/golang/go/issues/39491
5
reference_url https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
6
reference_url https://go.dev/cl/238238
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/238238
7
reference_url https://go.dev/issue/39491
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/39491
8
reference_url https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
9
reference_url https://go-review.googlesource.com/c/text/+/238238
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go-review.googlesource.com/c/text/+/238238
10
reference_url https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
11
reference_url https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14040
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14040
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1853652
reference_id 1853652
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1853652
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964272
reference_id 964272
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964272
16
reference_url https://access.redhat.com/errata/RHSA-2020:3087
reference_id RHSA-2020:3087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3087
17
reference_url https://access.redhat.com/errata/RHSA-2020:3369
reference_id RHSA-2020:3369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3369
18
reference_url https://access.redhat.com/errata/RHSA-2020:3372
reference_id RHSA-2020:3372
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3372
19
reference_url https://access.redhat.com/errata/RHSA-2020:3578
reference_id RHSA-2020:3578
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3578
20
reference_url https://access.redhat.com/errata/RHSA-2020:3665
reference_id RHSA-2020:3665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3665
21
reference_url https://access.redhat.com/errata/RHSA-2020:3727
reference_id RHSA-2020:3727
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3727
22
reference_url https://access.redhat.com/errata/RHSA-2020:3780
reference_id RHSA-2020:3780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3780
23
reference_url https://access.redhat.com/errata/RHSA-2020:3783
reference_id RHSA-2020:3783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3783
24
reference_url https://access.redhat.com/errata/RHSA-2020:4214
reference_id RHSA-2020:4214
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4214
25
reference_url https://access.redhat.com/errata/RHSA-2020:4297
reference_id RHSA-2020:4297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4297
26
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
27
reference_url https://access.redhat.com/errata/RHSA-2020:4694
reference_id RHSA-2020:4694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4694
28
reference_url https://access.redhat.com/errata/RHSA-2020:5054
reference_id RHSA-2020:5054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5054
29
reference_url https://access.redhat.com/errata/RHSA-2020:5055
reference_id RHSA-2020:5055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5055
30
reference_url https://access.redhat.com/errata/RHSA-2020:5056
reference_id RHSA-2020:5056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5056
31
reference_url https://access.redhat.com/errata/RHSA-2020:5149
reference_id RHSA-2020:5149
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5149
32
reference_url https://access.redhat.com/errata/RHSA-2020:5198
reference_id RHSA-2020:5198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5198
33
reference_url https://access.redhat.com/errata/RHSA-2020:5605
reference_id RHSA-2020:5605
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5605
34
reference_url https://access.redhat.com/errata/RHSA-2020:5606
reference_id RHSA-2020:5606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5606
35
reference_url https://access.redhat.com/errata/RHSA-2020:5633
reference_id RHSA-2020:5633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5633
36
reference_url https://access.redhat.com/errata/RHSA-2020:5635
reference_id RHSA-2020:5635
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5635
37
reference_url https://access.redhat.com/errata/RHSA-2021:0420
reference_id RHSA-2021:0420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0420
38
reference_url https://access.redhat.com/errata/RHSA-2021:0980
reference_id RHSA-2021:0980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0980
39
reference_url https://access.redhat.com/errata/RHSA-2021:1129
reference_id RHSA-2021:1129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1129
40
reference_url https://access.redhat.com/errata/RHSA-2021:1369
reference_id RHSA-2021:1369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1369
41
reference_url https://access.redhat.com/errata/RHSA-2021:2039
reference_id RHSA-2021:2039
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2039
42
reference_url https://usn.ubuntu.com/5873-1/
reference_id USN-5873-1
reference_type
scores
url https://usn.ubuntu.com/5873-1/
fixed_packages
aliases CVE-2020-14040, GHSA-5rcv-m4m3-hfh7
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n82z-sfd6-x3af
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@1.6.4-26%3Farch=el7_9