Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/atomic-openshift@3.11.232-1.git.0.a5bc32f?arch=el7

Type rpm

Namespace redhat

Name atomic-openshift

Version 3.11.232-1.git.0.a5bc32f

Qualifiers

arch	el7

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-1pdh-7vrk-23e3

vulnerability_id

VCID-1pdh-7vrk-23e3

summary

Improper Input Validation in libseccomp-golang
libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument.

references

reference_url

https://access.redhat.com/errata/RHSA-2019:4087

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:4087

reference_url

https://access.redhat.com/errata/RHSA-2019:4090

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:4090

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18367.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18367.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-18367

reference_id

reference_type

scores

value	0.00438
scoring_system	epss
scoring_elements	0.63146
published_at	2026-04-09T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63168
published_at	2026-04-18T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63163
published_at	2026-04-11T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63024
published_at	2026-04-01T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63083
published_at	2026-04-02T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63112
published_at	2026-04-04T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63077
published_at	2026-04-07T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63129
published_at	2026-04-08T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63161
published_at	2026-04-16T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63126
published_at	2026-04-13T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63149
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-18367

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18367
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18367

reference_url

https://github.com/seccomp/libseccomp-golang/commit/06e7a29f36a34b8cf419aeb87b979ee508e58f9e

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/seccomp/libseccomp-golang/commit/06e7a29f36a34b8cf419aeb87b979ee508e58f9e

reference_url

https://github.com/seccomp/libseccomp-golang/issues/22

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/seccomp/libseccomp-golang/issues/22

reference_url

https://lists.debian.org/debian-lts-announce/2020/08/msg00016.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/08/msg00016.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-18367

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-18367

reference_url

https://usn.ubuntu.com/4574-1

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/4574-1

reference_url

http://www.openwall.com/lists/oss-security/2019/04/25/6

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/04/25/6

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1706826
reference_id	1706826
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1706826

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927981
reference_id	927981
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927981

reference_url	https://access.redhat.com/errata/RHSA-2020:2479
reference_id	RHSA-2020:2479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2479

reference_url	https://usn.ubuntu.com/4574-1/
reference_id	USN-4574-1
reference_type
scores
url	https://usn.ubuntu.com/4574-1/

fixed_packages

aliases

CVE-2017-18367, GHSA-58v3-j75h-xr49

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-1pdh-7vrk-23e3

url

VCID-fbzn-vujj-pud5

vulnerability_id

VCID-fbzn-vujj-pud5

summary

Excessive Platform Resource Consumption within a Loop in Kubernetes
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11254.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11254.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11254

reference_id

reference_type

scores

value	0.00121
scoring_system	epss
scoring_elements	0.31175
published_at	2026-04-21T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31276
published_at	2026-04-11T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31203
published_at	2026-04-18T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31222
published_at	2026-04-16T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31189
published_at	2026-04-13T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31232
published_at	2026-04-12T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.312
published_at	2026-04-01T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31327
published_at	2026-04-02T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31368
published_at	2026-04-04T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31188
published_at	2026-04-07T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31241
published_at	2026-04-08T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31272
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11254

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11254
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11254

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48

reference_url

https://github.com/go-yaml/yaml/pull/555

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/go-yaml/yaml/pull/555

reference_url

https://github.com/kubernetes/kubernetes/issues/89535

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/89535

reference_url

https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8

reference_url

https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11254

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11254

reference_url

https://pkg.go.dev/vuln/GO-2020-0036

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2020-0036

reference_url

https://security.netapp.com/advisory/ntap-20200413-0003

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200413-0003

reference_url	https://security.netapp.com/advisory/ntap-20200413-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200413-0003/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1819486
reference_id	1819486
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1819486

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://access.redhat.com/errata/RHSA-2020:0933
reference_id	RHSA-2020:0933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0933

reference_url	https://access.redhat.com/errata/RHSA-2020:2412
reference_id	RHSA-2020:2412
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2412

reference_url	https://access.redhat.com/errata/RHSA-2020:2413
reference_id	RHSA-2020:2413
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2413

reference_url	https://access.redhat.com/errata/RHSA-2020:2479
reference_id	RHSA-2020:2479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2479

fixed_packages

aliases

CVE-2019-11254, GHSA-wxc4-f4m6-wwqv

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-fbzn-vujj-pud5

url

VCID-ny1b-eq77-fuhw

vulnerability_id

VCID-ny1b-eq77-fuhw

summary

Server Side Request Forgery (SSRF) in Kubernetes
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8555.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8555.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8555

reference_id

reference_type

scores

value	0.0861
scoring_system	epss
scoring_elements	0.92443
published_at	2026-04-21T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.9244
published_at	2026-04-18T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92396
published_at	2026-04-02T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92432
published_at	2026-04-12T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92429
published_at	2026-04-13T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92423
published_at	2026-04-09T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92419
published_at	2026-04-08T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92407
published_at	2026-04-07T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92403
published_at	2026-04-04T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92389
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8555

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8555
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8555

reference_url

https://github.com/kubernetes/kubernetes/issues/91542

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/91542

reference_url

https://github.com/kubernetes/kubernetes/pull/89794

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/89794

reference_url

https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8555

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8555

reference_url

https://security.netapp.com/advisory/ntap-20200724-0005

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200724-0005

reference_url

http://www.openwall.com/lists/oss-security/2020/06/01/4

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/06/01/4

reference_url

http://www.openwall.com/lists/oss-security/2021/05/04/8

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/05/04/8

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1821583
reference_id	1821583
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1821583

reference_url	https://access.redhat.com/errata/RHSA-2020:2440
reference_id	RHSA-2020:2440
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2440

reference_url	https://access.redhat.com/errata/RHSA-2020:2441
reference_id	RHSA-2020:2441
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2441

reference_url	https://access.redhat.com/errata/RHSA-2020:2448
reference_id	RHSA-2020:2448
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2448

reference_url	https://access.redhat.com/errata/RHSA-2020:2449
reference_id	RHSA-2020:2449
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2449

reference_url	https://access.redhat.com/errata/RHSA-2020:2479
reference_id	RHSA-2020:2479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2479

reference_url	https://access.redhat.com/errata/RHSA-2020:2594
reference_id	RHSA-2020:2594
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2594

fixed_packages

aliases

CVE-2020-8555, GHSA-x6mj-w4jf-jmgw

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-ny1b-eq77-fuhw

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/atomic-openshift@3.11.232-1.git.0.a5bc32f%3Farch=el7

Package Instance