Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/mono@4.6.2.7%2Bdfsg-1
Typedeb
Namespacedebian
Namemono
Version4.6.2.7+dfsg-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.8.0.105+dfsg-3.3~deb11u1
Latest_non_vulnerable_version6.8.0.105+dfsg-3.3~deb11u1
Affected_by_vulnerabilities
0
url VCID-azkx-bdnb-ebbg
vulnerability_id VCID-azkx-bdnb-ebbg
summary The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-26314
reference_id
reference_type
scores
0
value 0.01567
scoring_system epss
scoring_elements 0.8155
published_at 2026-04-21T12:55:00Z
1
value 0.01567
scoring_system epss
scoring_elements 0.81476
published_at 2026-04-07T12:55:00Z
2
value 0.01567
scoring_system epss
scoring_elements 0.81504
published_at 2026-04-08T12:55:00Z
3
value 0.01567
scoring_system epss
scoring_elements 0.8151
published_at 2026-04-13T12:55:00Z
4
value 0.01567
scoring_system epss
scoring_elements 0.8153
published_at 2026-04-11T12:55:00Z
5
value 0.01567
scoring_system epss
scoring_elements 0.81517
published_at 2026-04-12T12:55:00Z
6
value 0.01567
scoring_system epss
scoring_elements 0.81547
published_at 2026-04-16T12:55:00Z
7
value 0.01567
scoring_system epss
scoring_elements 0.81548
published_at 2026-04-18T12:55:00Z
8
value 0.01567
scoring_system epss
scoring_elements 0.81479
published_at 2026-04-04T12:55:00Z
9
value 0.01576
scoring_system epss
scoring_elements 0.81497
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-26314
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26314
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26314
2
reference_url https://www.openwall.com/lists/oss-security/2023/01/05/1
reference_id 1
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T16:24:03Z/
url https://www.openwall.com/lists/oss-security/2023/01/05/1
3
reference_url https://bugs.debian.org/972146
reference_id 972146
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T16:24:03Z/
url https://bugs.debian.org/972146
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972146
reference_id 972146
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972146
5
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00037.html
reference_id msg00037.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T16:24:03Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00037.html
fixed_packages
0
url pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1
purl pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1
aliases CVE-2023-26314
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-azkx-bdnb-ebbg
1
url VCID-xzc1-cy42-2ub4
vulnerability_id VCID-xzc1-cy42-2ub4
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1002208
reference_id
reference_type
scores
0
value 0.00605
scoring_system epss
scoring_elements 0.69542
published_at 2026-04-01T12:55:00Z
1
value 0.00605
scoring_system epss
scoring_elements 0.69639
published_at 2026-04-21T12:55:00Z
2
value 0.00605
scoring_system epss
scoring_elements 0.69658
published_at 2026-04-18T12:55:00Z
3
value 0.00605
scoring_system epss
scoring_elements 0.69649
published_at 2026-04-16T12:55:00Z
4
value 0.00605
scoring_system epss
scoring_elements 0.69609
published_at 2026-04-13T12:55:00Z
5
value 0.00605
scoring_system epss
scoring_elements 0.69623
published_at 2026-04-12T12:55:00Z
6
value 0.00605
scoring_system epss
scoring_elements 0.69638
published_at 2026-04-11T12:55:00Z
7
value 0.00605
scoring_system epss
scoring_elements 0.69616
published_at 2026-04-09T12:55:00Z
8
value 0.00605
scoring_system epss
scoring_elements 0.69599
published_at 2026-04-08T12:55:00Z
9
value 0.00605
scoring_system epss
scoring_elements 0.69549
published_at 2026-04-07T12:55:00Z
10
value 0.00605
scoring_system epss
scoring_elements 0.6957
published_at 2026-04-04T12:55:00Z
11
value 0.00605
scoring_system epss
scoring_elements 0.69554
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1002208
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002208
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002208
2
reference_url https://github.com/icsharpcode/SharpZipLib/issues/232
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/icsharpcode/SharpZipLib/issues/232
3
reference_url https://github.com/icsharpcode/SharpZipLib/wiki/Release-1.0
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/icsharpcode/SharpZipLib/wiki/Release-1.0
4
reference_url https://github.com/snyk/zip-slip-vulnerability
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/snyk/zip-slip-vulnerability
5
reference_url https://snyk.io/research/zip-slip-vulnerability
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/research/zip-slip-vulnerability
6
reference_url https://snyk.io/vuln/SNYK-DOTNET-SHARPZIPLIB-60247
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-DOTNET-SHARPZIPLIB-60247
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1002208
reference_id CVE-2018-1002208
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1002208
8
reference_url https://github.com/advisories/GHSA-cqj4-m2pc-v9m5
reference_id GHSA-cqj4-m2pc-v9m5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cqj4-m2pc-v9m5
fixed_packages
0
url pkg:deb/debian/mono@5.18.0.240%2Bdfsg-3
purl pkg:deb/debian/mono@5.18.0.240%2Bdfsg-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-azkx-bdnb-ebbg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@5.18.0.240%252Bdfsg-3
aliases CVE-2018-1002208, GHSA-cqj4-m2pc-v9m5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xzc1-cy42-2ub4
Fixing_vulnerabilities
0
url VCID-2jhf-j64s-gygy
vulnerability_id VCID-2jhf-j64s-gygy
summary 
Security researcher Alin Rad Pop of Secunia
Research reported a heap-based buffer overflow in Mozilla's string to
floating point number conversion routines.  Using this vulnerability
an attacker could craft some malicious JavaScript code containing a
very long string to be converted to a floating point number which
would result in improper memory allocation and the execution of an
arbitrary memory location.  This vulnerability could thus be leveraged
by the attacker to run arbitrary code on a victim's computer.Update: The underlying flaw in the dtoa routines used
by Mozilla appears to be essentially the same as that reported against the
libc gdtoa routine by Maksymilian Arciemowicz.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0689
reference_id
reference_type
scores
0
value 0.4176
scoring_system epss
scoring_elements 0.97433
published_at 2026-04-21T12:55:00Z
1
value 0.4176
scoring_system epss
scoring_elements 0.97395
published_at 2026-04-01T12:55:00Z
2
value 0.4176
scoring_system epss
scoring_elements 0.97421
published_at 2026-04-13T12:55:00Z
3
value 0.4176
scoring_system epss
scoring_elements 0.97429
published_at 2026-04-16T12:55:00Z
4
value 0.4176
scoring_system epss
scoring_elements 0.97402
published_at 2026-04-02T12:55:00Z
5
value 0.4176
scoring_system epss
scoring_elements 0.97406
published_at 2026-04-04T12:55:00Z
6
value 0.4176
scoring_system epss
scoring_elements 0.97408
published_at 2026-04-07T12:55:00Z
7
value 0.4176
scoring_system epss
scoring_elements 0.97415
published_at 2026-04-08T12:55:00Z
8
value 0.4176
scoring_system epss
scoring_elements 0.97417
published_at 2026-04-09T12:55:00Z
9
value 0.4176
scoring_system epss
scoring_elements 0.97419
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0689
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=539784
reference_id 539784
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=539784
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
reference_id CVE-2009-0689
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt
reference_id CVE-2009-0689
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt
reference_id CVE-2009-0689;OSVDB-61186
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt
reference_id CVE-2009-0689;OSVDB-61186
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt
8
reference_url https://www.securityfocus.com/bid/37078/info
reference_id CVE-2009-0689;OSVDB-61186
reference_type exploit
scores
url https://www.securityfocus.com/bid/37078/info
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt
reference_id CVE-2009-0689;OSVDB-61187
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt
10
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt
reference_id CVE-2009-0689;OSVDB-61187
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt
11
reference_url https://www.securityfocus.com/bid/37080/info
reference_id CVE-2009-0689;OSVDB-61187
reference_type exploit
scores
url https://www.securityfocus.com/bid/37080/info
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt
reference_id CVE-2009-0689;OSVDB-61189
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt
13
reference_url https://www.securityfocus.com/bid/36851/info
reference_id CVE-2009-0689;OSVDB-61189
reference_type exploit
scores
url https://www.securityfocus.com/bid/36851/info
14
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt
reference_id CVE-2009-0689;OSVDB-62402
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt
reference_id CVE-2009-0689;OSVDB-63639
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt
16
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c
reference_id CVE-2009-0689;OSVDB-63639
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c
17
reference_url https://www.securityfocus.com/bid/35510/info
reference_id CVE-2009-0689;OSVDB-63639
reference_type exploit
scores
url https://www.securityfocus.com/bid/35510/info
18
reference_url https://www.securityfocus.com/bid/37687/info
reference_id CVE-2009-0689;OSVDB-63639
reference_type exploit
scores
url https://www.securityfocus.com/bid/37687/info
19
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt
reference_id CVE-2009-0689;OSVDB-63641
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt
20
reference_url https://www.securityfocus.com/bid/37688/info
reference_id CVE-2009-0689;OSVDB-63641
reference_type exploit
scores
url https://www.securityfocus.com/bid/37688/info
21
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2009-59
reference_id mfsa2009-59
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2009-59
22
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl
reference_id OSVDB-61189;CVE-2009-0689
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl
23
reference_url https://access.redhat.com/errata/RHSA-2009:1530
reference_id RHSA-2009:1530
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1530
24
reference_url https://access.redhat.com/errata/RHSA-2009:1531
reference_id RHSA-2009:1531
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1531
25
reference_url https://access.redhat.com/errata/RHSA-2009:1601
reference_id RHSA-2009:1601
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1601
26
reference_url https://access.redhat.com/errata/RHSA-2010:0153
reference_id RHSA-2010:0153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0153
27
reference_url https://access.redhat.com/errata/RHSA-2010:0154
reference_id RHSA-2010:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0154
28
reference_url https://access.redhat.com/errata/RHSA-2014:0311
reference_id RHSA-2014:0311
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0311
29
reference_url https://access.redhat.com/errata/RHSA-2014:0312
reference_id RHSA-2014:0312
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0312
30
reference_url https://usn.ubuntu.com/871-1/
reference_id USN-871-1
reference_type
scores
url https://usn.ubuntu.com/871-1/
31
reference_url https://usn.ubuntu.com/915-1/
reference_id USN-915-1
reference_type
scores
url https://usn.ubuntu.com/915-1/
fixed_packages
0
url pkg:deb/debian/mono@4.6.2.7%2Bdfsg-1
purl pkg:deb/debian/mono@4.6.2.7%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-azkx-bdnb-ebbg
1
vulnerability VCID-xzc1-cy42-2ub4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@4.6.2.7%252Bdfsg-1
aliases CVE-2009-0689
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jhf-j64s-gygy
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@4.6.2.7%252Bdfsg-1