Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/audiofile@0.3.6-5

Type deb

Namespace debian

Name audiofile

Version 0.3.6-5

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 0.3.6-5+deb12u1

Latest_non_vulnerable_version 0.3.6-5+deb12u1

Affected_by_vulnerabilities

url VCID-hfya-313d-mya7

vulnerability_id VCID-hfya-313d-mya7

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24599.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24599.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24599

reference_id

reference_type

scores

value	0.00201
scoring_system	epss
scoring_elements	0.42224
published_at	2026-06-11T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42388
published_at	2026-06-12T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.4241
published_at	2026-06-13T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42399
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24599

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24599
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24599

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008017
reference_id	1008017
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008017

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2058371
reference_id	2058371
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2058371

reference_url	https://usn.ubuntu.com/6558-1/
reference_id	USN-6558-1
reference_type
scores
url	https://usn.ubuntu.com/6558-1/

fixed_packages

url	pkg:deb/debian/audiofile@0.3.6-5%2Bdeb12u1
purl	pkg:deb/debian/audiofile@0.3.6-5%2Bdeb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-5%252Bdeb12u1

aliases CVE-2022-24599

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hfya-313d-mya7

url VCID-nq2j-2wry-myan

vulnerability_id VCID-nq2j-2wry-myan

summary

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13147.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13147.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13147

reference_id

reference_type

scores

value	0.00126
scoring_system	epss
scoring_elements	0.31464
published_at	2026-06-11T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31655
published_at	2026-06-12T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31673
published_at	2026-06-13T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31656
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13147

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13147
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13147

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1726067
reference_id	1726067
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1726067

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931343
reference_id	931343
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931343

reference_url	https://usn.ubuntu.com/6558-1/
reference_id	USN-6558-1
reference_type
scores
url	https://usn.ubuntu.com/6558-1/

fixed_packages

url	pkg:deb/debian/audiofile@0.3.6-5%2Bdeb12u1
purl	pkg:deb/debian/audiofile@0.3.6-5%2Bdeb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-5%252Bdeb12u1

aliases CVE-2019-13147

risk_score 0.8

exploitability 0.5

weighted_severity 1.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nq2j-2wry-myan

Fixing_vulnerabilities

url VCID-8c2z-8e7m-pke9

vulnerability_id VCID-8c2z-8e7m-pke9

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13440.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13440.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-13440

reference_id

reference_type

scores

value	0.05654
scoring_system	epss
scoring_elements	0.90569
published_at	2026-06-11T12:55:00Z

value	0.05654
scoring_system	epss
scoring_elements	0.90599
published_at	2026-06-12T12:55:00Z

value	0.05654
scoring_system	epss
scoring_elements	0.90606
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-13440

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13440
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13440

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1600367
reference_id	1600367
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1600367

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903499
reference_id	903499
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903499

reference_url	https://access.redhat.com/errata/RHSA-2020:3877
reference_id	RHSA-2020:3877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3877

reference_url	https://usn.ubuntu.com/3800-1/
reference_id	USN-3800-1
reference_type
scores
url	https://usn.ubuntu.com/3800-1/

reference_url	https://usn.ubuntu.com/6558-1/
reference_id	USN-6558-1
reference_type
scores
url	https://usn.ubuntu.com/6558-1/

fixed_packages

url pkg:deb/debian/audiofile@0.3.6-5

purl pkg:deb/debian/audiofile@0.3.6-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hfya-313d-mya7

vulnerability	VCID-nq2j-2wry-myan

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-5

aliases CVE-2018-13440

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8c2z-8e7m-pke9

url VCID-d85c-bz9k-vkdn

vulnerability_id VCID-d85c-bz9k-vkdn

summary An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17095.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17095.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-17095

reference_id

reference_type

scores

value	0.14976
scoring_system	epss
scoring_elements	0.94717
published_at	2026-06-11T12:55:00Z

value	0.14976
scoring_system	epss
scoring_elements	0.94735
published_at	2026-06-12T12:55:00Z

value	0.14976
scoring_system	epss
scoring_elements	0.94742
published_at	2026-06-13T12:55:00Z

value	0.14976
scoring_system	epss
scoring_elements	0.94744
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17095

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1631088
reference_id	1631088
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1631088

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913166
reference_id	913166
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913166

reference_url	https://access.redhat.com/errata/RHSA-2020:3877
reference_id	RHSA-2020:3877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3877

reference_url	https://usn.ubuntu.com/3800-1/
reference_id	USN-3800-1
reference_type
scores
url	https://usn.ubuntu.com/3800-1/

reference_url	https://usn.ubuntu.com/6558-1/
reference_id	USN-6558-1
reference_type
scores
url	https://usn.ubuntu.com/6558-1/

fixed_packages

url pkg:deb/debian/audiofile@0.3.6-5

purl pkg:deb/debian/audiofile@0.3.6-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hfya-313d-mya7

vulnerability	VCID-nq2j-2wry-myan

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-5

aliases CVE-2018-17095

risk_score 3.1

exploitability 0.5

weighted_severity 6.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d85c-bz9k-vkdn

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-5

Package Instance