Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/modsecurity@3.0.3-1%2Bdeb10u2
Typedeb
Namespacedebian
Namemodsecurity
Version3.0.3-1+deb10u2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.0.14-1
Latest_non_vulnerable_version3.0.14-1
Affected_by_vulnerabilities
0
url VCID-cq83-mkc9-g3e2
vulnerability_id VCID-cq83-mkc9-g3e2
summary Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may, when sent quickly in large volumes, lead to the server becoming slow or unresponsive (Denial of Service) because of a flaw in Transaction::addRequestHeader in transaction.cc.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19886
reference_id
reference_type
scores
0
value 0.04013
scoring_system epss
scoring_elements 0.88399
published_at 2026-04-01T12:55:00Z
1
value 0.04013
scoring_system epss
scoring_elements 0.88407
published_at 2026-04-02T12:55:00Z
2
value 0.04013
scoring_system epss
scoring_elements 0.88416
published_at 2026-04-04T12:55:00Z
3
value 0.04013
scoring_system epss
scoring_elements 0.8842
published_at 2026-04-07T12:55:00Z
4
value 0.04013
scoring_system epss
scoring_elements 0.88439
published_at 2026-04-08T12:55:00Z
5
value 0.04013
scoring_system epss
scoring_elements 0.88445
published_at 2026-04-09T12:55:00Z
6
value 0.04013
scoring_system epss
scoring_elements 0.88456
published_at 2026-04-11T12:55:00Z
7
value 0.04013
scoring_system epss
scoring_elements 0.88448
published_at 2026-04-12T12:55:00Z
8
value 0.04013
scoring_system epss
scoring_elements 0.88447
published_at 2026-04-13T12:55:00Z
9
value 0.04013
scoring_system epss
scoring_elements 0.88462
published_at 2026-04-16T12:55:00Z
10
value 0.04013
scoring_system epss
scoring_elements 0.88459
published_at 2026-04-18T12:55:00Z
11
value 0.04013
scoring_system epss
scoring_elements 0.88457
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19886
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19886
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19886
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949682
reference_id 949682
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949682
fixed_packages
0
url pkg:deb/debian/modsecurity@3.0.4-2
purl pkg:deb/debian/modsecurity@3.0.4-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-93qw-yjha-tyce
1
vulnerability VCID-azf2-ue64-y7eb
2
vulnerability VCID-kg7a-8fqh-mffc
3
vulnerability VCID-y8ty-2cp5-y3gm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.4-2
aliases CVE-2019-19886
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cq83-mkc9-g3e2
1
url VCID-gr7r-94ky-x3ck
vulnerability_id VCID-gr7r-94ky-x3ck
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15598
reference_id
reference_type
scores
0
value 0.03785
scoring_system epss
scoring_elements 0.88011
published_at 2026-04-01T12:55:00Z
1
value 0.03785
scoring_system epss
scoring_elements 0.8802
published_at 2026-04-02T12:55:00Z
2
value 0.03785
scoring_system epss
scoring_elements 0.88034
published_at 2026-04-04T12:55:00Z
3
value 0.03785
scoring_system epss
scoring_elements 0.8804
published_at 2026-04-07T12:55:00Z
4
value 0.03785
scoring_system epss
scoring_elements 0.8806
published_at 2026-04-08T12:55:00Z
5
value 0.03785
scoring_system epss
scoring_elements 0.88066
published_at 2026-04-09T12:55:00Z
6
value 0.03785
scoring_system epss
scoring_elements 0.88076
published_at 2026-04-11T12:55:00Z
7
value 0.03785
scoring_system epss
scoring_elements 0.88069
published_at 2026-04-13T12:55:00Z
8
value 0.03785
scoring_system epss
scoring_elements 0.88083
published_at 2026-04-16T12:55:00Z
9
value 0.03785
scoring_system epss
scoring_elements 0.8808
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15598
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15598
fixed_packages
0
url pkg:deb/debian/modsecurity@3.0.4-2
purl pkg:deb/debian/modsecurity@3.0.4-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-93qw-yjha-tyce
1
vulnerability VCID-azf2-ue64-y7eb
2
vulnerability VCID-kg7a-8fqh-mffc
3
vulnerability VCID-y8ty-2cp5-y3gm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.4-2
aliases CVE-2020-15598
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gr7r-94ky-x3ck
2
url VCID-m634-5nyb-skeu
vulnerability_id VCID-m634-5nyb-skeu
summary ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string index out of range" error and worker-process crash for a "Cookie: =abc" header.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-25043
reference_id
reference_type
scores
0
value 0.00382
scoring_system epss
scoring_elements 0.59489
published_at 2026-04-01T12:55:00Z
1
value 0.00382
scoring_system epss
scoring_elements 0.59562
published_at 2026-04-02T12:55:00Z
2
value 0.00382
scoring_system epss
scoring_elements 0.59586
published_at 2026-04-04T12:55:00Z
3
value 0.00382
scoring_system epss
scoring_elements 0.59556
published_at 2026-04-07T12:55:00Z
4
value 0.00382
scoring_system epss
scoring_elements 0.59607
published_at 2026-04-08T12:55:00Z
5
value 0.00382
scoring_system epss
scoring_elements 0.5962
published_at 2026-04-09T12:55:00Z
6
value 0.00382
scoring_system epss
scoring_elements 0.59639
published_at 2026-04-11T12:55:00Z
7
value 0.00382
scoring_system epss
scoring_elements 0.59622
published_at 2026-04-12T12:55:00Z
8
value 0.00382
scoring_system epss
scoring_elements 0.59602
published_at 2026-04-13T12:55:00Z
9
value 0.00382
scoring_system epss
scoring_elements 0.59635
published_at 2026-04-16T12:55:00Z
10
value 0.00382
scoring_system epss
scoring_elements 0.59643
published_at 2026-04-18T12:55:00Z
11
value 0.00382
scoring_system epss
scoring_elements 0.59626
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-25043
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25043
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25043
fixed_packages
0
url pkg:deb/debian/modsecurity@3.0.4-2
purl pkg:deb/debian/modsecurity@3.0.4-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-93qw-yjha-tyce
1
vulnerability VCID-azf2-ue64-y7eb
2
vulnerability VCID-kg7a-8fqh-mffc
3
vulnerability VCID-y8ty-2cp5-y3gm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.4-2
aliases CVE-2019-25043
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m634-5nyb-skeu
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.3-1%252Bdeb10u2