Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/sendmail@8.13.8-3
Typedeb
Namespacedebian
Namesendmail
Version8.13.8-3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.17.1.9-2+deb12u2
Latest_non_vulnerable_version8.17.1.9-2+deb12u2
Affected_by_vulnerabilities
0
url VCID-dk9t-39dj-cud4
vulnerability_id VCID-dk9t-39dj-cud4
summary 
An error in the hostname matching in sendmail might enable remote
    attackers to conduct man-in-the-middle attacks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4565.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4565.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-4565
reference_id
reference_type
scores
0
value 0.00771
scoring_system epss
scoring_elements 0.73476
published_at 2026-04-01T12:55:00Z
1
value 0.00771
scoring_system epss
scoring_elements 0.73485
published_at 2026-04-02T12:55:00Z
2
value 0.00771
scoring_system epss
scoring_elements 0.73507
published_at 2026-04-04T12:55:00Z
3
value 0.00771
scoring_system epss
scoring_elements 0.73479
published_at 2026-04-07T12:55:00Z
4
value 0.00771
scoring_system epss
scoring_elements 0.73516
published_at 2026-04-08T12:55:00Z
5
value 0.00771
scoring_system epss
scoring_elements 0.73529
published_at 2026-04-09T12:55:00Z
6
value 0.00771
scoring_system epss
scoring_elements 0.73552
published_at 2026-04-11T12:55:00Z
7
value 0.00771
scoring_system epss
scoring_elements 0.73536
published_at 2026-04-12T12:55:00Z
8
value 0.00771
scoring_system epss
scoring_elements 0.73528
published_at 2026-04-13T12:55:00Z
9
value 0.00771
scoring_system epss
scoring_elements 0.73572
published_at 2026-04-16T12:55:00Z
10
value 0.00771
scoring_system epss
scoring_elements 0.73582
published_at 2026-04-18T12:55:00Z
11
value 0.00771
scoring_system epss
scoring_elements 0.73575
published_at 2026-04-21T12:55:00Z
12
value 0.00771
scoring_system epss
scoring_elements 0.73607
published_at 2026-04-24T12:55:00Z
13
value 0.00771
scoring_system epss
scoring_elements 0.73617
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-4565
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=552622
reference_id 552622
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=552622
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564581
reference_id 564581
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564581
5
reference_url https://security.gentoo.org/glsa/201206-30
reference_id GLSA-201206-30
reference_type
scores
url https://security.gentoo.org/glsa/201206-30
6
reference_url https://access.redhat.com/errata/RHSA-2010:0237
reference_id RHSA-2010:0237
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0237
7
reference_url https://access.redhat.com/errata/RHSA-2011:0262
reference_id RHSA-2011:0262
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0262
fixed_packages
0
url pkg:deb/debian/sendmail@8.14.3-9.4
purl pkg:deb/debian/sendmail@8.14.3-9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gycy-hbda-p3ht
1
vulnerability VCID-qzm7-bmk8-9fgf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.14.3-9.4
aliases CVE-2009-4565
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dk9t-39dj-cud4
1
url VCID-gycy-hbda-p3ht
vulnerability_id VCID-gycy-hbda-p3ht
summary 
A vulnerability in sendmail could allow a local attacker to obtain
    sensitive information.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3956.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3956.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3956
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.23676
published_at 2026-04-21T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23564
published_at 2026-04-24T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23555
published_at 2026-04-26T12:55:00Z
3
value 0.001
scoring_system epss
scoring_elements 0.27702
published_at 2026-04-07T12:55:00Z
4
value 0.001
scoring_system epss
scoring_elements 0.2777
published_at 2026-04-08T12:55:00Z
5
value 0.001
scoring_system epss
scoring_elements 0.27812
published_at 2026-04-09T12:55:00Z
6
value 0.001
scoring_system epss
scoring_elements 0.27818
published_at 2026-04-11T12:55:00Z
7
value 0.001
scoring_system epss
scoring_elements 0.2782
published_at 2026-04-01T12:55:00Z
8
value 0.001
scoring_system epss
scoring_elements 0.27719
published_at 2026-04-13T12:55:00Z
9
value 0.001
scoring_system epss
scoring_elements 0.27727
published_at 2026-04-16T12:55:00Z
10
value 0.001
scoring_system epss
scoring_elements 0.27701
published_at 2026-04-18T12:55:00Z
11
value 0.001
scoring_system epss
scoring_elements 0.27776
published_at 2026-04-12T12:55:00Z
12
value 0.001
scoring_system epss
scoring_elements 0.2787
published_at 2026-04-02T12:55:00Z
13
value 0.001
scoring_system epss
scoring_elements 0.2791
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3956
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1102174
reference_id 1102174
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1102174
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750562
reference_id 750562
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750562
5
reference_url https://security.gentoo.org/glsa/201412-32
reference_id GLSA-201412-32
reference_type
scores
url https://security.gentoo.org/glsa/201412-32
fixed_packages
0
url pkg:deb/debian/sendmail@8.14.4-8
purl pkg:deb/debian/sendmail@8.14.4-8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qzm7-bmk8-9fgf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.14.4-8
aliases CVE-2014-3956
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gycy-hbda-p3ht
2
url VCID-qzm7-bmk8-9fgf
vulnerability_id VCID-qzm7-bmk8-9fgf
summary sendmail: SMTP smuggling vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51765.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51765.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-51765
reference_id
reference_type
scores
0
value 0.00837
scoring_system epss
scoring_elements 0.74609
published_at 2026-04-02T12:55:00Z
1
value 0.00837
scoring_system epss
scoring_elements 0.74636
published_at 2026-04-04T12:55:00Z
2
value 0.00837
scoring_system epss
scoring_elements 0.7461
published_at 2026-04-07T12:55:00Z
3
value 0.00837
scoring_system epss
scoring_elements 0.74641
published_at 2026-04-08T12:55:00Z
4
value 0.00837
scoring_system epss
scoring_elements 0.74655
published_at 2026-04-09T12:55:00Z
5
value 0.00837
scoring_system epss
scoring_elements 0.74678
published_at 2026-04-11T12:55:00Z
6
value 0.00837
scoring_system epss
scoring_elements 0.74658
published_at 2026-04-12T12:55:00Z
7
value 0.00837
scoring_system epss
scoring_elements 0.7465
published_at 2026-04-13T12:55:00Z
8
value 0.00837
scoring_system epss
scoring_elements 0.74687
published_at 2026-04-16T12:55:00Z
9
value 0.00837
scoring_system epss
scoring_elements 0.74695
published_at 2026-04-18T12:55:00Z
10
value 0.00837
scoring_system epss
scoring_elements 0.74686
published_at 2026-04-21T12:55:00Z
11
value 0.00837
scoring_system epss
scoring_elements 0.74722
published_at 2026-04-24T12:55:00Z
12
value 0.00837
scoring_system epss
scoring_elements 0.74728
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-51765
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51765
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059386
reference_id 1059386
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059386
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2255869
reference_id 2255869
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2255869
fixed_packages
0
url pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3
purl pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-u8aq-2qhu-gff5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3
aliases CVE-2023-51765
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qzm7-bmk8-9fgf
Fixing_vulnerabilities
0
url VCID-3fjk-gqgc-3yhs
vulnerability_id VCID-3fjk-gqgc-3yhs
summary 
Sendmail is vulnerable to a race condition which could lead to the
    execution of arbitrary code with sendmail privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0058.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0058.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-0058
reference_id
reference_type
scores
0
value 0.5899
scoring_system epss
scoring_elements 0.9821
published_at 2026-04-01T12:55:00Z
1
value 0.5899
scoring_system epss
scoring_elements 0.98213
published_at 2026-04-02T12:55:00Z
2
value 0.5899
scoring_system epss
scoring_elements 0.98217
published_at 2026-04-04T12:55:00Z
3
value 0.5899
scoring_system epss
scoring_elements 0.98218
published_at 2026-04-07T12:55:00Z
4
value 0.5899
scoring_system epss
scoring_elements 0.98223
published_at 2026-04-09T12:55:00Z
5
value 0.5899
scoring_system epss
scoring_elements 0.98226
published_at 2026-04-13T12:55:00Z
6
value 0.5899
scoring_system epss
scoring_elements 0.98225
published_at 2026-04-12T12:55:00Z
7
value 0.5899
scoring_system epss
scoring_elements 0.98231
published_at 2026-04-21T12:55:00Z
8
value 0.5899
scoring_system epss
scoring_elements 0.98232
published_at 2026-04-18T12:55:00Z
9
value 0.5899
scoring_system epss
scoring_elements 0.98233
published_at 2026-04-24T12:55:00Z
10
value 0.5899
scoring_system epss
scoring_elements 0.98235
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-0058
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617872
reference_id 1617872
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617872
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358440
reference_id 358440
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358440
5
reference_url https://security.gentoo.org/glsa/200603-21
reference_id GLSA-200603-21
reference_type
scores
url https://security.gentoo.org/glsa/200603-21
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/2051.py
reference_id OSVDB-24037;CVE-2006-0058
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/2051.py
7
reference_url https://access.redhat.com/errata/RHSA-2006:0264
reference_id RHSA-2006:0264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0264
8
reference_url https://access.redhat.com/errata/RHSA-2006:0265
reference_id RHSA-2006:0265
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0265
fixed_packages
0
url pkg:deb/debian/sendmail@8.13.8-3
purl pkg:deb/debian/sendmail@8.13.8-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dk9t-39dj-cud4
1
vulnerability VCID-gycy-hbda-p3ht
2
vulnerability VCID-qzm7-bmk8-9fgf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.8-3
aliases CVE-2006-0058
risk_score 1.0
exploitability 2.0
weighted_severity 0.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fjk-gqgc-3yhs
1
url VCID-fgbr-mydh-7bhx
vulnerability_id VCID-fgbr-mydh-7bhx
summary Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4434.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4434.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-4434
reference_id
reference_type
scores
0
value 0.07028
scoring_system epss
scoring_elements 0.91437
published_at 2026-04-01T12:55:00Z
1
value 0.07028
scoring_system epss
scoring_elements 0.91443
published_at 2026-04-02T12:55:00Z
2
value 0.07028
scoring_system epss
scoring_elements 0.91453
published_at 2026-04-04T12:55:00Z
3
value 0.07028
scoring_system epss
scoring_elements 0.9146
published_at 2026-04-07T12:55:00Z
4
value 0.07028
scoring_system epss
scoring_elements 0.91473
published_at 2026-04-08T12:55:00Z
5
value 0.07028
scoring_system epss
scoring_elements 0.91479
published_at 2026-04-09T12:55:00Z
6
value 0.07028
scoring_system epss
scoring_elements 0.91484
published_at 2026-04-11T12:55:00Z
7
value 0.07028
scoring_system epss
scoring_elements 0.91487
published_at 2026-04-12T12:55:00Z
8
value 0.07028
scoring_system epss
scoring_elements 0.91485
published_at 2026-04-13T12:55:00Z
9
value 0.07028
scoring_system epss
scoring_elements 0.91509
published_at 2026-04-16T12:55:00Z
10
value 0.07028
scoring_system epss
scoring_elements 0.91504
published_at 2026-04-21T12:55:00Z
11
value 0.07028
scoring_system epss
scoring_elements 0.91513
published_at 2026-04-24T12:55:00Z
12
value 0.07028
scoring_system epss
scoring_elements 0.91511
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-4434
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4434
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4434
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=385054
reference_id 385054
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=385054
fixed_packages
0
url pkg:deb/debian/sendmail@8.13.8-3
purl pkg:deb/debian/sendmail@8.13.8-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dk9t-39dj-cud4
1
vulnerability VCID-gycy-hbda-p3ht
2
vulnerability VCID-qzm7-bmk8-9fgf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.8-3
aliases CVE-2006-4434
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgbr-mydh-7bhx
2
url VCID-m7np-crvq-p3dc
vulnerability_id VCID-m7np-crvq-p3dc
summary 
Faulty multipart MIME messages can cause forked Sendmail processes to
    crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1173.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1173.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-1173
reference_id
reference_type
scores
0
value 0.21456
scoring_system epss
scoring_elements 0.95674
published_at 2026-04-01T12:55:00Z
1
value 0.21456
scoring_system epss
scoring_elements 0.95683
published_at 2026-04-02T12:55:00Z
2
value 0.21456
scoring_system epss
scoring_elements 0.95689
published_at 2026-04-04T12:55:00Z
3
value 0.21456
scoring_system epss
scoring_elements 0.95691
published_at 2026-04-07T12:55:00Z
4
value 0.21456
scoring_system epss
scoring_elements 0.957
published_at 2026-04-08T12:55:00Z
5
value 0.21456
scoring_system epss
scoring_elements 0.95704
published_at 2026-04-09T12:55:00Z
6
value 0.21456
scoring_system epss
scoring_elements 0.95707
published_at 2026-04-12T12:55:00Z
7
value 0.21456
scoring_system epss
scoring_elements 0.95709
published_at 2026-04-13T12:55:00Z
8
value 0.21456
scoring_system epss
scoring_elements 0.95718
published_at 2026-04-16T12:55:00Z
9
value 0.21456
scoring_system epss
scoring_elements 0.95721
published_at 2026-04-18T12:55:00Z
10
value 0.21456
scoring_system epss
scoring_elements 0.95722
published_at 2026-04-21T12:55:00Z
11
value 0.21456
scoring_system epss
scoring_elements 0.95724
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-1173
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618028
reference_id 1618028
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618028
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373801
reference_id 373801
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373801
5
reference_url https://security.gentoo.org/glsa/200606-19
reference_id GLSA-200606-19
reference_type
scores
url https://security.gentoo.org/glsa/200606-19
6
reference_url https://access.redhat.com/errata/RHSA-2006:0515
reference_id RHSA-2006:0515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0515
fixed_packages
0
url pkg:deb/debian/sendmail@8.13.8-3
purl pkg:deb/debian/sendmail@8.13.8-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dk9t-39dj-cud4
1
vulnerability VCID-gycy-hbda-p3ht
2
vulnerability VCID-qzm7-bmk8-9fgf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.8-3
aliases CVE-2006-1173
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7np-crvq-p3dc
Risk_score2.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.8-3