Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/chromium@147.0.7727.55-1

Type deb

Namespace debian

Name chromium

Version 147.0.7727.55-1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 147.0.7727.101-1

Latest_non_vulnerable_version 147.0.7727.101-1

Affected_by_vulnerabilities

url VCID-dzf3-492x-budu

vulnerability_id VCID-dzf3-492x-budu

summary Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6303.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6303.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6303

reference_id

reference_type

scores

value	0.00048
scoring_system	epss
scoring_elements	0.14679
published_at	2026-04-21T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.2357
published_at	2026-04-16T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.3218
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6303

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458804
reference_id	2458804
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458804

reference_url

https://issues.chromium.org/issues/496282147

reference_id

496282147

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:03Z/

url

https://issues.chromium.org/issues/496282147

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:03Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:deb/debian/chromium@147.0.7727.101-1
purl	pkg:deb/debian/chromium@147.0.7727.101-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1

aliases CVE-2026-6303

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzf3-492x-budu

url VCID-erxp-a8pr-zyff

vulnerability_id VCID-erxp-a8pr-zyff

summary Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6296.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6296.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6296

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05735
published_at	2026-04-16T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06911
published_at	2026-04-18T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07751
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6296

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6296
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6296

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458783
reference_id	2458783
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458783

reference_url

https://issues.chromium.org/issues/490170083

reference_id

490170083

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:12:28Z/

url

https://issues.chromium.org/issues/490170083

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:12:28Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:deb/debian/chromium@147.0.7727.101-1
purl	pkg:deb/debian/chromium@147.0.7727.101-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1

aliases CVE-2026-6296

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-erxp-a8pr-zyff

url VCID-jku3-pwsy-bufq

vulnerability_id VCID-jku3-pwsy-bufq

summary Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6311.json

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6311.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6311

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06063
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07413
published_at	2026-04-18T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08277
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6311

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458780
reference_id	2458780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458780

reference_url

https://issues.chromium.org/issues/498201025

reference_id

498201025

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:10:59Z/

url

https://issues.chromium.org/issues/498201025

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:10:59Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:deb/debian/chromium@147.0.7727.101-1
purl	pkg:deb/debian/chromium@147.0.7727.101-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1

aliases CVE-2026-6311

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jku3-pwsy-bufq

url VCID-jqs4-fgj9-63g7

vulnerability_id VCID-jqs4-fgj9-63g7

summary Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6297.json

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6297.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6297

reference_id

reference_type

scores

value	0.0001
scoring_system	epss
scoring_elements	0.01076
published_at	2026-04-18T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.0134
published_at	2026-04-21T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00355
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6297

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6297
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458794
reference_id	2458794
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458794

reference_url

https://issues.chromium.org/issues/493628982

reference_id

493628982

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:43:24Z/

url

https://issues.chromium.org/issues/493628982

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:43:24Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:deb/debian/chromium@147.0.7727.101-1
purl	pkg:deb/debian/chromium@147.0.7727.101-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1

aliases CVE-2026-6297

risk_score 3.8

exploitability 0.5

weighted_severity 7.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jqs4-fgj9-63g7

url VCID-k82r-r6dh-qfem

vulnerability_id VCID-k82r-r6dh-qfem

summary chromium-browser: Use after free in CSS

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6300.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6300.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6300

reference_id

reference_type

scores

value	0.00028
scoring_system	epss
scoring_elements	0.07722
published_at	2026-04-16T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13367
published_at	2026-04-18T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14679
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6300

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458775
reference_id	2458775
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458775

reference_url

https://issues.chromium.org/issues/491994185

reference_id

491994185

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:49:54Z/

url

https://issues.chromium.org/issues/491994185

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:49:54Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:deb/debian/chromium@147.0.7727.101-1
purl	pkg:deb/debian/chromium@147.0.7727.101-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1

aliases CVE-2026-6300

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k82r-r6dh-qfem

url VCID-my86-8n81-y3hd

vulnerability_id VCID-my86-8n81-y3hd

summary Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6307.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6307.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6307

reference_id

reference_type

scores

value	0.00028
scoring_system	epss
scoring_elements	0.0783
published_at	2026-04-16T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09433
published_at	2026-04-18T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10563
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6307

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458799
reference_id	2458799
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458799

reference_url

https://issues.chromium.org/issues/497404188

reference_id

497404188

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:51:52Z/

url

https://issues.chromium.org/issues/497404188

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:51:52Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:deb/debian/chromium@147.0.7727.101-1
purl	pkg:deb/debian/chromium@147.0.7727.101-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1

aliases CVE-2026-6307

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-my86-8n81-y3hd

url VCID-q17c-ud54-5ydd

vulnerability_id VCID-q17c-ud54-5ydd

summary Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6306.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6306.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6306

reference_id

reference_type

scores

value	0.00031
scoring_system	epss
scoring_elements	0.0907
published_at	2026-04-21T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21771
published_at	2026-04-16T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24477
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6306

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6306

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458778
reference_id	2458778
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458778

reference_url

https://issues.chromium.org/issues/496907110

reference_id

496907110

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:12Z/

url

https://issues.chromium.org/issues/496907110

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:12Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:deb/debian/chromium@147.0.7727.101-1
purl	pkg:deb/debian/chromium@147.0.7727.101-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1

aliases CVE-2026-6306

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q17c-ud54-5ydd

Fixing_vulnerabilities

Risk_score 4.3

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.55-1

Package Instance