Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/edk2@20190308git89910a39dcfd-6?arch=el8

Type rpm

Namespace redhat

Name edk2

Version 20190308git89910a39dcfd-6

Qualifiers

arch	el8

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-dst7-q1b4-63ft

vulnerability_id

VCID-dst7-q1b4-63ft

summary

edk2: Stack buffer overflow with corrupted BMP

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00030.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00030.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00048.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12181.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12181.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12181

reference_id

reference_type

scores

value	0.00139
scoring_system	epss
scoring_elements	0.33774
published_at	2026-04-01T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33998
published_at	2026-04-21T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34033
published_at	2026-04-18T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.3401
published_at	2026-04-13T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34045
published_at	2026-04-16T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34112
published_at	2026-04-02T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34144
published_at	2026-04-04T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34004
published_at	2026-04-07T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34046
published_at	2026-04-08T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34078
published_at	2026-04-09T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34076
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12181

reference_url	https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html
reference_id
reference_type
scores
url	https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/

reference_url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us
reference_id
reference_type
scores
url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1686783
reference_id	1686783
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1686783

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615
reference_id	924615
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:::::::*
reference_id	cpe:2.3:a:tianocore:edk_ii:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-12181

reference_id

CVE-2018-12181

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:P/A:P

value	6.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-12181

reference_url	https://access.redhat.com/errata/RHSA-2019:2125
reference_id	RHSA-2019:2125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2125

reference_url	https://access.redhat.com/errata/RHSA-2019:3338
reference_id	RHSA-2019:3338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3338

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

aliases

CVE-2018-12181

risk_score

2.7

exploitability

0.5

weighted_severity

5.4

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-dst7-q1b4-63ft

url

VCID-q448-gmmp-pkaa

vulnerability_id

VCID-q448-gmmp-pkaa

summary

edk2: stack overflow in XHCI causing denial of service

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00019.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00019.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00046.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00046.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0161.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0161.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0161

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.13913
published_at	2026-04-01T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13841
published_at	2026-04-21T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13863
published_at	2026-04-13T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13771
published_at	2026-04-16T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13767
published_at	2026-04-18T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13996
published_at	2026-04-02T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.14051
published_at	2026-04-04T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13854
published_at	2026-04-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13939
published_at	2026-04-08T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13992
published_at	2026-04-09T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13948
published_at	2026-04-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13911
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0161

reference_url	https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html
reference_id
reference_type
scores
url	https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1694065
reference_id	1694065
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1694065

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:::::::*
reference_id	cpe:2.3:a:tianocore:edk_ii:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-0161

reference_id

CVE-2019-0161

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-0161

reference_url	https://access.redhat.com/errata/RHSA-2019:2125
reference_id	RHSA-2019:2125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2125

reference_url	https://access.redhat.com/errata/RHSA-2019:2437
reference_id	RHSA-2019:2437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2437

reference_url	https://access.redhat.com/errata/RHSA-2019:3338
reference_id	RHSA-2019:3338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3338

reference_url	https://usn.ubuntu.com/7060-1/
reference_id	USN-7060-1
reference_type
scores
url	https://usn.ubuntu.com/7060-1/

fixed_packages

aliases

CVE-2019-0161

risk_score

2.6

exploitability

0.5

weighted_severity

5.3

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-q448-gmmp-pkaa

url

VCID-s69t-vde7-1fem

vulnerability_id

VCID-s69t-vde7-1fem

summary

edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0160.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0160.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0160

reference_id

reference_type

scores

value	0.0028
scoring_system	epss
scoring_elements	0.51303
published_at	2026-04-01T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51432
published_at	2026-04-21T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51416
published_at	2026-04-12T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51402
published_at	2026-04-13T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51444
published_at	2026-04-16T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51453
published_at	2026-04-18T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51356
published_at	2026-04-02T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51382
published_at	2026-04-04T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51341
published_at	2026-04-07T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51395
published_at	2026-04-08T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51393
published_at	2026-04-09T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51437
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0160

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0160
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0160

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html
reference_id
reference_type
scores
url	https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1691640
reference_id	1691640
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1691640

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:::::::*
reference_id	cpe:2.3:a:tianocore:edk_ii:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-0160

reference_id

CVE-2019-0160

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	8.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-0160

reference_url	https://access.redhat.com/errata/RHSA-2019:2125
reference_id	RHSA-2019:2125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2125

reference_url	https://access.redhat.com/errata/RHSA-2019:3338
reference_id	RHSA-2019:3338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3338

reference_url	https://usn.ubuntu.com/6920-1/
reference_id	USN-6920-1
reference_type
scores
url	https://usn.ubuntu.com/6920-1/

fixed_packages

aliases

CVE-2019-0160

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-s69t-vde7-1fem

Fixing_vulnerabilities

Risk_score 4.4

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/edk2@20190308git89910a39dcfd-6%3Farch=el8

Package Instance