Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/pixman@0.34.0-1

Type deb

Namespace debian

Name pixman

Version 0.34.0-1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 0.40.0-1.1~deb11u1

Latest_non_vulnerable_version 0.40.0-1.1~deb11u1

Affected_by_vulnerabilities

url VCID-3144-v9zj-7qat

vulnerability_id VCID-3144-v9zj-7qat

summary A vulnerability has been discovered in Pixman, which can lead to a heap buffer overflow.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44638.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44638.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-44638

reference_id

reference_type

scores

value	0.00367
scoring_system	epss
scoring_elements	0.58715
published_at	2026-04-09T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58733
published_at	2026-04-11T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59318
published_at	2026-04-04T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59333
published_at	2026-04-08T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59294
published_at	2026-04-02T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59282
published_at	2026-04-07T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61736
published_at	2026-04-26T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61716
published_at	2026-04-12T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61697
published_at	2026-04-13T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61737
published_at	2026-04-16T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61743
published_at	2026-04-18T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61725
published_at	2026-04-21T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61719
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-44638

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44638
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44638

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

http://www.openwall.com/lists/oss-security/2022/11/05/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T19:11:57Z/

url

http://www.openwall.com/lists/oss-security/2022/11/05/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023427
reference_id	1023427
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023427

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2139988
reference_id	2139988
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2139988

reference_url

https://gitlab.freedesktop.org/pixman/pixman/-/issues/63

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T19:11:57Z/

url

https://gitlab.freedesktop.org/pixman/pixman/-/issues/63

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/

reference_id

AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T19:11:57Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/

reference_id

BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T19:11:57Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/

reference_url

https://www.debian.org/security/2022/dsa-5276

reference_id

dsa-5276

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T19:11:57Z/

url

https://www.debian.org/security/2022/dsa-5276

reference_url	https://security.gentoo.org/glsa/202407-04
reference_id	GLSA-202407-04
reference_type
scores
url	https://security.gentoo.org/glsa/202407-04

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/

reference_id

IUJ2BULJTZ2BMSKQHB6US674P55UCWWS

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T19:11:57Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/

reference_url

https://lists.debian.org/debian-lts-announce/2022/11/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T19:11:57Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00008.html

reference_url

http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html

reference_id

pixman-pixman_sample_floor_y-Integer-Overflow.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T19:11:57Z/

url

http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html

reference_url	https://access.redhat.com/errata/RHSA-2023:7375
reference_id	RHSA-2023:7375
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7375

reference_url	https://access.redhat.com/errata/RHSA-2023:7386
reference_id	RHSA-2023:7386
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7386

reference_url	https://access.redhat.com/errata/RHSA-2023:7403
reference_id	RHSA-2023:7403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7403

reference_url	https://access.redhat.com/errata/RHSA-2023:7531
reference_id	RHSA-2023:7531
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7531

reference_url	https://access.redhat.com/errata/RHSA-2023:7754
reference_id	RHSA-2023:7754
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7754

reference_url	https://access.redhat.com/errata/RHSA-2024:0131
reference_id	RHSA-2024:0131
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0131

reference_url	https://access.redhat.com/errata/RHSA-2024:2525
reference_id	RHSA-2024:2525
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2525

reference_url	https://usn.ubuntu.com/5718-1/
reference_id	USN-5718-1
reference_type
scores
url	https://usn.ubuntu.com/5718-1/

reference_url	https://usn.ubuntu.com/5718-2/
reference_id	USN-5718-2
reference_type
scores
url	https://usn.ubuntu.com/5718-2/

fixed_packages

url	pkg:deb/debian/pixman@0.40.0-1.1~deb11u1
purl	pkg:deb/debian/pixman@0.40.0-1.1~deb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pixman@0.40.0-1.1~deb11u1

aliases CVE-2022-44638

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3144-v9zj-7qat

Fixing_vulnerabilities

url VCID-zpe1-47bs-nqev

vulnerability_id VCID-zpe1-47bs-nqev

summary pixman: general_composite_rect() integer overflow

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5297.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5297.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5297

reference_id

reference_type

scores

value	0.00387
scoring_system	epss
scoring_elements	0.59715
published_at	2026-04-01T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59788
published_at	2026-04-02T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59812
published_at	2026-04-04T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59782
published_at	2026-04-07T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59833
published_at	2026-04-24T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59847
published_at	2026-04-09T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59867
published_at	2026-04-11T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59851
published_at	2026-04-26T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59832
published_at	2026-04-13T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.5987
published_at	2026-04-16T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59877
published_at	2026-04-18T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59863
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5297

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5297
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5297

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1651585
reference_id	1651585
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1651585

reference_url	https://usn.ubuntu.com/3843-1/
reference_id	USN-3843-1
reference_type
scores
url	https://usn.ubuntu.com/3843-1/

reference_url	https://usn.ubuntu.com/3843-2/
reference_id	USN-3843-2
reference_type
scores
url	https://usn.ubuntu.com/3843-2/

fixed_packages

url pkg:deb/debian/pixman@0.34.0-1

purl pkg:deb/debian/pixman@0.34.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3144-v9zj-7qat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pixman@0.34.0-1

aliases CVE-2015-5297

risk_score 3.0

exploitability 0.5

weighted_severity 6.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zpe1-47bs-nqev

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pixman@0.34.0-1

Package Instance