Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/ncompress@4.2.4.0-2

Type deb

Namespace debian

Name ncompress

Version 4.2.4.0-2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.2.4.3-6

Latest_non_vulnerable_version 4.2.4.3-6

Affected_by_vulnerabilities

url VCID-vm8g-v83d-mbfm

vulnerability_id VCID-vm8g-v83d-mbfm

summary

This GLSA contains notification of vulnerabilities found in several
    Gentoo packages which have been fixed prior to January 1, 2011. The worst
    of these vulnerabilities could lead to local privilege escalation and
    remote code execution. Please see the package list and CVE identifiers
    below for more information.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0001.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0001.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0001

reference_id

reference_type

scores

value	0.22601
scoring_system	epss
scoring_elements	0.95813
published_at	2026-04-01T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95822
published_at	2026-04-02T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.9583
published_at	2026-04-04T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95832
published_at	2026-04-07T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95841
published_at	2026-04-08T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95845
published_at	2026-04-09T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95848
published_at	2026-04-12T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95849
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0001

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=554418
reference_id	554418
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=554418

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566002
reference_id	566002
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566002

reference_url	https://security.gentoo.org/glsa/201412-08
reference_id	GLSA-201412-08
reference_type
scores
url	https://security.gentoo.org/glsa/201412-08

reference_url	https://access.redhat.com/errata/RHSA-2010:0061
reference_id	RHSA-2010:0061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0061

reference_url	https://usn.ubuntu.com/889-1/
reference_id	USN-889-1
reference_type
scores
url	https://usn.ubuntu.com/889-1/

fixed_packages

url	pkg:deb/debian/ncompress@4.2.4.3-6
purl	pkg:deb/debian/ncompress@4.2.4.3-6
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.3-6

aliases CVE-2010-0001

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vm8g-v83d-mbfm

Fixing_vulnerabilities

url VCID-cd15-ngyt-93he

vulnerability_id VCID-cd15-ngyt-93he

summary

A buffer underflow vulnerability has been reported in ncompress allowing
    for the execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1168.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1168.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-1168

reference_id

reference_type

scores

value	0.09814
scoring_system	epss
scoring_elements	0.92939
published_at	2026-04-01T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92947
published_at	2026-04-02T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92952
published_at	2026-04-07T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92959
published_at	2026-04-08T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92964
published_at	2026-04-09T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92968
published_at	2026-04-13T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92966
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-1168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1168

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=201919
reference_id	201919
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=201919

reference_url	https://security.gentoo.org/glsa/200610-03
reference_id	GLSA-200610-03
reference_type
scores
url	https://security.gentoo.org/glsa/200610-03

reference_url	https://security.gentoo.org/glsa/201312-02
reference_id	GLSA-201312-02
reference_type
scores
url	https://security.gentoo.org/glsa/201312-02

reference_url	https://access.redhat.com/errata/RHSA-2006:0663
reference_id	RHSA-2006:0663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2006:0663

reference_url	https://access.redhat.com/errata/RHSA-2012:0308
reference_id	RHSA-2012:0308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0308

reference_url	https://access.redhat.com/errata/RHSA-2012:0810
reference_id	RHSA-2012:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0810

fixed_packages

url pkg:deb/debian/ncompress@4.2.4.0-2

purl pkg:deb/debian/ncompress@4.2.4.0-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vm8g-v83d-mbfm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.0-2

aliases CVE-2006-1168

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cd15-ngyt-93he

Risk_score 0.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.0-2

Package Instance