Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/sendmail@8.14.3-5%2Blenny1

Type deb

Namespace debian

Name sendmail

Version 8.14.3-5+lenny1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 8.17.1.9-2+deb12u2

Latest_non_vulnerable_version 8.17.1.9-2+deb12u2

Affected_by_vulnerabilities

url VCID-dk9t-39dj-cud4

vulnerability_id VCID-dk9t-39dj-cud4

summary

An error in the hostname matching in sendmail might enable remote
    attackers to conduct man-in-the-middle attacks.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4565.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4565.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-4565

reference_id

reference_type

scores

value	0.00771
scoring_system	epss
scoring_elements	0.73476
published_at	2026-04-01T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73485
published_at	2026-04-02T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73507
published_at	2026-04-04T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73479
published_at	2026-04-07T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73516
published_at	2026-04-08T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73529
published_at	2026-04-09T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73552
published_at	2026-04-11T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73536
published_at	2026-04-12T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73528
published_at	2026-04-13T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73572
published_at	2026-04-16T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73582
published_at	2026-04-18T12:55:00Z

value	0.00771
scoring_system	epss
scoring_elements	0.73575
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-4565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=552622
reference_id	552622
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=552622

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564581
reference_id	564581
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564581

reference_url	https://security.gentoo.org/glsa/201206-30
reference_id	GLSA-201206-30
reference_type
scores
url	https://security.gentoo.org/glsa/201206-30

reference_url	https://access.redhat.com/errata/RHSA-2010:0237
reference_id	RHSA-2010:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0237

reference_url	https://access.redhat.com/errata/RHSA-2011:0262
reference_id	RHSA-2011:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0262

fixed_packages

url pkg:deb/debian/sendmail@8.14.3-9.4

purl pkg:deb/debian/sendmail@8.14.3-9.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gycy-hbda-p3ht

vulnerability	VCID-qzm7-bmk8-9fgf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.14.3-9.4

aliases CVE-2009-4565

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dk9t-39dj-cud4

url VCID-gycy-hbda-p3ht

vulnerability_id VCID-gycy-hbda-p3ht

summary

A vulnerability in sendmail could allow a local attacker to obtain
    sensitive information.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3956.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3956.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3956

reference_id

reference_type

scores

value	0.0008
scoring_system	epss
scoring_elements	0.23676
published_at	2026-04-21T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.2787
published_at	2026-04-02T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.2791
published_at	2026-04-04T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27702
published_at	2026-04-07T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.2777
published_at	2026-04-08T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27812
published_at	2026-04-09T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.2782
published_at	2026-04-01T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27776
published_at	2026-04-12T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27719
published_at	2026-04-13T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27727
published_at	2026-04-16T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27701
published_at	2026-04-18T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27818
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3956

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1102174
reference_id	1102174
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1102174

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750562
reference_id	750562
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750562

reference_url	https://security.gentoo.org/glsa/201412-32
reference_id	GLSA-201412-32
reference_type
scores
url	https://security.gentoo.org/glsa/201412-32

fixed_packages

url pkg:deb/debian/sendmail@8.14.4-8

purl pkg:deb/debian/sendmail@8.14.4-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qzm7-bmk8-9fgf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.14.4-8

aliases CVE-2014-3956

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gycy-hbda-p3ht

url VCID-qzm7-bmk8-9fgf

vulnerability_id VCID-qzm7-bmk8-9fgf

summary sendmail: SMTP smuggling vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51765.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51765.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-51765

reference_id

reference_type

scores

value	0.00837
scoring_system	epss
scoring_elements	0.74609
published_at	2026-04-02T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74636
published_at	2026-04-04T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.7461
published_at	2026-04-07T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74641
published_at	2026-04-08T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74655
published_at	2026-04-09T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74678
published_at	2026-04-11T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74658
published_at	2026-04-12T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.7465
published_at	2026-04-13T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74687
published_at	2026-04-16T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74695
published_at	2026-04-18T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74686
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-51765

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51765
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51765

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059386
reference_id	1059386
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059386

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255869
reference_id	2255869
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255869

fixed_packages

url pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3

purl pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-u8aq-2qhu-gff5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3

aliases CVE-2023-51765

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qzm7-bmk8-9fgf

Fixing_vulnerabilities

Risk_score 2.4

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.14.3-5%252Blenny1

Package Instance