Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/runc@1.0.0-63.rc8.rhaos4.1.git3cbe540?arch=el8_0

Type rpm

Namespace redhat

Name runc

Version 1.0.0-63.rc8.rhaos4.1.git3cbe540

Qualifiers

arch	el8_0

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-997v-f2ds-e3e4

vulnerability_id

VCID-997v-f2ds-e3e4

summary

Multiple vulnerabilities have been discovered in runC, the worst of
    which may lead to privilege escalation.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00018.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00018.html

reference_url

https://access.redhat.com/errata/RHSA-2020:0688

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0688

reference_url

https://access.redhat.com/errata/RHSA-2020:0695

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0695

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19921.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19921.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19921

reference_id

reference_type

scores

value	0.00126
scoring_system	epss
scoring_elements	0.31752
published_at	2026-04-24T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.32005
published_at	2026-04-09T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31976
published_at	2026-04-08T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31924
published_at	2026-04-07T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.32102
published_at	2026-04-04T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.32062
published_at	2026-04-02T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31934
published_at	2026-04-01T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31948
published_at	2026-04-18T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31922
published_at	2026-04-21T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31935
published_at	2026-04-13T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31969
published_at	2026-04-16T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.32008
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921

reference_url

https://github.com/opencontainers/runc/commit/2fc03cc11c775b7a8b2e48d7ee447cb9bef32ad0

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/runc/commit/2fc03cc11c775b7a8b2e48d7ee447cb9bef32ad0

reference_url

https://github.com/opencontainers/runc/issues/2197

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/runc/issues/2197

reference_url

https://github.com/opencontainers/runc/pull/2190

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/runc/pull/2190

reference_url

https://github.com/opencontainers/runc/pull/2207

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/runc/pull/2207

reference_url

https://github.com/opencontainers/runc/releases

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/runc/releases

reference_url

https://github.com/opencontainers/runc/security/advisories/GHSA-fh74-hm69-rqjw

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/runc/security/advisories/GHSA-fh74-hm69-rqjw

reference_url

https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-19921

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-19921

reference_url

https://pkg.go.dev/vuln/GO-2021-0087

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2021-0087

reference_url

https://security-tracker.debian.org/tracker/CVE-2019-19921

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security-tracker.debian.org/tracker/CVE-2019-19921

reference_url

https://usn.ubuntu.com/4297-1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/4297-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1796107
reference_id	1796107
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1796107

reference_url

https://security.gentoo.org/glsa/202003-21

reference_id

GLSA-202003-21

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202003-21

reference_url	https://access.redhat.com/errata/RHSA-2020:0942
reference_id	RHSA-2020:0942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0942

reference_url	https://access.redhat.com/errata/RHSA-2020:1485
reference_id	RHSA-2020:1485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1485

reference_url	https://usn.ubuntu.com/4297-1/
reference_id	USN-4297-1
reference_type
scores
url	https://usn.ubuntu.com/4297-1/

reference_url	https://usn.ubuntu.com/6088-2/
reference_id	USN-6088-2
reference_type
scores
url	https://usn.ubuntu.com/6088-2/

fixed_packages

aliases

CVE-2019-19921, GHSA-fh74-hm69-rqjw

risk_score

3.1

exploitability

0.5

weighted_severity

6.3

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-997v-f2ds-e3e4

url

VCID-rus3-fvn9-53h9

vulnerability_id

VCID-rus3-fvn9-53h9

summary

Improper Neutralization of Special Elements used in an OS Command in Jenkins Git Client Plugin
Jenkins Git Client Plugin 2.8.4 and earlier did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10392.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10392.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10392

reference_id

reference_type

scores

value	0.80819
scoring_system	epss
scoring_elements	0.99153
published_at	2026-04-24T12:55:00Z

value	0.80819
scoring_system	epss
scoring_elements	0.99146
published_at	2026-04-12T12:55:00Z

value	0.80819
scoring_system	epss
scoring_elements	0.99145
published_at	2026-04-13T12:55:00Z

value	0.80819
scoring_system	epss
scoring_elements	0.99139
published_at	2026-04-02T12:55:00Z

value	0.80819
scoring_system	epss
scoring_elements	0.99141
published_at	2026-04-04T12:55:00Z

value	0.80819
scoring_system	epss
scoring_elements	0.99144
published_at	2026-04-07T12:55:00Z

value	0.80819
scoring_system	epss
scoring_elements	0.99147
published_at	2026-04-16T12:55:00Z

value	0.80819
scoring_system	epss
scoring_elements	0.99149
published_at	2026-04-21T12:55:00Z

value	0.80819
scoring_system	epss
scoring_elements	0.99148
published_at	2026-04-18T12:55:00Z

value	0.80819
scoring_system	epss
scoring_elements	0.99137
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10392

reference_url

https://github.com/jenkinsci/git-client-plugin/commit/899123fa2eb9dd2c37137aae630c47c6be6b4b02

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/git-client-plugin/commit/899123fa2eb9dd2c37137aae630c47c6be6b4b02

reference_url

https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1534

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1534

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10392

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10392

reference_url

http://www.openwall.com/lists/oss-security/2019/09/12/2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/09/12/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1819704
reference_id	1819704
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1819704

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:git_client:3.0.0:rc::::jenkins::*
reference_id	cpe:2.3:a:jenkins:git_client:3.0.0:rc::::jenkins::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:git_client:3.0.0:rc::::jenkins::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:git_client::::::jenkins::*
reference_id	cpe:2.3:a:jenkins:git_client::::::jenkins::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:git_client::::::jenkins::*

reference_url

https://github.com/advisories/GHSA-hw6x-2qwv-rxr7

reference_id

GHSA-hw6x-2qwv-rxr7

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hw6x-2qwv-rxr7

reference_url	https://access.redhat.com/errata/RHSA-2020:2478
reference_id	RHSA-2020:2478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2478

fixed_packages

aliases

CVE-2019-10392, GHSA-hw6x-2qwv-rxr7

risk_score

10.0

exploitability

2.0

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-rus3-fvn9-53h9

Fixing_vulnerabilities

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@1.0.0-63.rc8.rhaos4.1.git3cbe540%3Farch=el8_0

Package Instance