Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/bochs@1.4pre2-1

Type deb

Namespace debian

Name bochs

Version 1.4pre2-1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.3.7-1

Latest_non_vulnerable_version 2.3.7-1

Affected_by_vulnerabilities

url VCID-3xye-q9rz-p7es

vulnerability_id VCID-3xye-q9rz-p7es

summary

Multiple vulnerabilities have been discovered in Bochs, possibly allowing
    for the execution of arbitrary code or a Denial of Service.

references

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=188148
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=188148

reference_url	http://osvdb.org/36799
reference_id
reference_type
scores
url	http://osvdb.org/36799

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2893.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2893.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-2893

reference_id

reference_type

scores

value	0.00059
scoring_system	epss
scoring_elements	0.18364
published_at	2026-04-24T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18534
published_at	2026-04-01T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18675
published_at	2026-04-02T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18729
published_at	2026-04-04T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18445
published_at	2026-04-07T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18525
published_at	2026-04-08T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18578
published_at	2026-04-09T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18582
published_at	2026-04-11T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18535
published_at	2026-04-12T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18484
published_at	2026-04-13T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18427
published_at	2026-04-16T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18439
published_at	2026-04-18T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18462
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-2893

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2893
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2893

reference_url	http://secunia.com/advisories/25470
reference_id
reference_type
scores
url	http://secunia.com/advisories/25470

reference_url	http://secunia.com/advisories/26364
reference_id
reference_type
scores
url	http://secunia.com/advisories/26364

reference_url	http://secunia.com/advisories/27715
reference_id
reference_type
scores
url	http://secunia.com/advisories/27715

reference_url	http://security.gentoo.org/glsa/glsa-200711-21.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200711-21.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/34508
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/34508

reference_url	http://taviso.decsystem.org/virtsec.pdf
reference_id
reference_type
scores
url	http://taviso.decsystem.org/virtsec.pdf

reference_url	http://www.debian.org/security/2007/dsa-1351
reference_id
reference_type
scores
url	http://www.debian.org/security/2007/dsa-1351

reference_url	http://www.securityfocus.com/bid/24246
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24246

reference_url	http://www.vupen.com/english/advisories/2007/1936
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1936

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=237347
reference_id	237347
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=237347

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=427144
reference_id	427144
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=427144

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bochs_project:bochs:2.3:-::::::
reference_id	cpe:2.3:a:bochs_project:bochs:2.3:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bochs_project:bochs:2.3:-::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-2893

reference_id

CVE-2007-2893

reference_type

scores

value	7.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2007-2893

reference_url	https://security.gentoo.org/glsa/200711-21
reference_id	GLSA-200711-21
reference_type
scores
url	https://security.gentoo.org/glsa/200711-21

fixed_packages

url	pkg:deb/debian/bochs@2.3.7-1
purl	pkg:deb/debian/bochs@2.3.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bochs@2.3.7-1

aliases CVE-2007-2893

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3xye-q9rz-p7es

url VCID-6ujq-6gej-d7ed

vulnerability_id VCID-6ujq-6gej-d7ed

summary Buffer overflow in Bochs before 2.1.1, if installed setuid, allows local users to execute arbitrary code via a long HOME environment variable, which is used if the .bochsrc, bochsrc, and bochsrc.txt cannot be found in a known path. NOTE: some external documents recommend that Bochs be installed setuid root, so this should be treated as a vulnerability.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-2372

reference_id

reference_type

scores

value	0.00123
scoring_system	epss
scoring_elements	0.31369
published_at	2026-04-01T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31507
published_at	2026-04-02T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31549
published_at	2026-04-04T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31367
published_at	2026-04-07T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.3142
published_at	2026-04-08T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31451
published_at	2026-04-09T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31454
published_at	2026-04-11T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31411
published_at	2026-04-12T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31375
published_at	2026-04-13T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31409
published_at	2026-04-16T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31389
published_at	2026-04-18T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.3136
published_at	2026-04-21T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.3119
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-2372

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2372
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2372

fixed_packages

url pkg:deb/debian/bochs@2.1.1%2B20041109-3sarge1

purl pkg:deb/debian/bochs@2.1.1%2B20041109-3sarge1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xye-q9rz-p7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bochs@2.1.1%252B20041109-3sarge1

aliases CVE-2004-2372

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ujq-6gej-d7ed

Fixing_vulnerabilities

Risk_score 3.2

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bochs@1.4pre2-1

Package Instance