Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/audacity@2.1.2-2
Typedeb
Namespacedebian
Nameaudacity
Version2.1.2-2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.4.2~dfsg0-5
Latest_non_vulnerable_version2.4.2~dfsg0-5
Affected_by_vulnerabilities
0
url VCID-veb9-7659-wfg7
vulnerability_id VCID-veb9-7659-wfg7
summary Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11867
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.3055
published_at 2026-04-24T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.30749
published_at 2026-04-01T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30876
published_at 2026-04-02T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30923
published_at 2026-04-04T12:55:00Z
4
value 0.00118
scoring_system epss
scoring_elements 0.30743
published_at 2026-04-07T12:55:00Z
5
value 0.00118
scoring_system epss
scoring_elements 0.30801
published_at 2026-04-08T12:55:00Z
6
value 0.00118
scoring_system epss
scoring_elements 0.30833
published_at 2026-04-09T12:55:00Z
7
value 0.00118
scoring_system epss
scoring_elements 0.30835
published_at 2026-04-11T12:55:00Z
8
value 0.00118
scoring_system epss
scoring_elements 0.3079
published_at 2026-04-12T12:55:00Z
9
value 0.00118
scoring_system epss
scoring_elements 0.30745
published_at 2026-04-13T12:55:00Z
10
value 0.00118
scoring_system epss
scoring_elements 0.3077
published_at 2026-04-16T12:55:00Z
11
value 0.00118
scoring_system epss
scoring_elements 0.3075
published_at 2026-04-18T12:55:00Z
12
value 0.00118
scoring_system epss
scoring_elements 0.30716
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11867
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11867
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976874
reference_id 976874
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976874
3
reference_url https://security.archlinux.org/AVG-1311
reference_id AVG-1311
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1311
4
reference_url https://usn.ubuntu.com/7211-1/
reference_id USN-7211-1
reference_type
scores
url https://usn.ubuntu.com/7211-1/
fixed_packages
0
url pkg:deb/debian/audacity@2.4.2~dfsg0-5
purl pkg:deb/debian/audacity@2.4.2~dfsg0-5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@2.4.2~dfsg0-5
aliases CVE-2020-11867
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-veb9-7659-wfg7
Fixing_vulnerabilities
0
url VCID-4e8r-fvv6-f7f2
vulnerability_id VCID-4e8r-fvv6-f7f2
summary Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2541
reference_id
reference_type
scores
0
value 0.00859
scoring_system epss
scoring_elements 0.74968
published_at 2026-04-01T12:55:00Z
1
value 0.00859
scoring_system epss
scoring_elements 0.74971
published_at 2026-04-02T12:55:00Z
2
value 0.00859
scoring_system epss
scoring_elements 0.75
published_at 2026-04-04T12:55:00Z
3
value 0.00859
scoring_system epss
scoring_elements 0.74976
published_at 2026-04-07T12:55:00Z
4
value 0.00859
scoring_system epss
scoring_elements 0.7501
published_at 2026-04-08T12:55:00Z
5
value 0.00859
scoring_system epss
scoring_elements 0.75022
published_at 2026-04-12T12:55:00Z
6
value 0.00859
scoring_system epss
scoring_elements 0.75043
published_at 2026-04-11T12:55:00Z
7
value 0.00859
scoring_system epss
scoring_elements 0.75011
published_at 2026-04-13T12:55:00Z
8
value 0.00859
scoring_system epss
scoring_elements 0.75047
published_at 2026-04-16T12:55:00Z
9
value 0.00859
scoring_system epss
scoring_elements 0.75055
published_at 2026-04-18T12:55:00Z
10
value 0.00859
scoring_system epss
scoring_elements 0.75044
published_at 2026-04-21T12:55:00Z
11
value 0.00859
scoring_system epss
scoring_elements 0.75083
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2541
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2541
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2541
fixed_packages
0
url pkg:deb/debian/audacity@2.1.2-2
purl pkg:deb/debian/audacity@2.1.2-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-veb9-7659-wfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@2.1.2-2
aliases CVE-2016-2541
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4e8r-fvv6-f7f2
1
url VCID-nxc6-nv2g-17g6
vulnerability_id VCID-nxc6-nv2g-17g6
summary Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2540
reference_id
reference_type
scores
0
value 0.00908
scoring_system epss
scoring_elements 0.75708
published_at 2026-04-01T12:55:00Z
1
value 0.00908
scoring_system epss
scoring_elements 0.7571
published_at 2026-04-02T12:55:00Z
2
value 0.00908
scoring_system epss
scoring_elements 0.75741
published_at 2026-04-04T12:55:00Z
3
value 0.00908
scoring_system epss
scoring_elements 0.7572
published_at 2026-04-07T12:55:00Z
4
value 0.00908
scoring_system epss
scoring_elements 0.75754
published_at 2026-04-08T12:55:00Z
5
value 0.00908
scoring_system epss
scoring_elements 0.75766
published_at 2026-04-09T12:55:00Z
6
value 0.00908
scoring_system epss
scoring_elements 0.7579
published_at 2026-04-11T12:55:00Z
7
value 0.00908
scoring_system epss
scoring_elements 0.75771
published_at 2026-04-12T12:55:00Z
8
value 0.00908
scoring_system epss
scoring_elements 0.75765
published_at 2026-04-13T12:55:00Z
9
value 0.00908
scoring_system epss
scoring_elements 0.75804
published_at 2026-04-16T12:55:00Z
10
value 0.00908
scoring_system epss
scoring_elements 0.75807
published_at 2026-04-18T12:55:00Z
11
value 0.00908
scoring_system epss
scoring_elements 0.75792
published_at 2026-04-21T12:55:00Z
12
value 0.00908
scoring_system epss
scoring_elements 0.75832
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2540
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2540
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2540
fixed_packages
0
url pkg:deb/debian/audacity@2.1.2-2
purl pkg:deb/debian/audacity@2.1.2-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-veb9-7659-wfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@2.1.2-2
aliases CVE-2016-2540
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxc6-nv2g-17g6
Risk_score1.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@2.1.2-2