Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/firefox@38.0-3?arch=el7_1

Type rpm

Namespace redhat

Name firefox

Version 38.0-3

Qualifiers

arch	el7_1

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-55t4-7jnq-j7fx

vulnerability_id

VCID-55t4-7jnq-j7fx

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2716.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2716.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2716

reference_id

reference_type

scores

value	0.05614
scoring_system	epss
scoring_elements	0.90342
published_at	2026-04-16T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90283
published_at	2026-04-01T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90286
published_at	2026-04-02T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90299
published_at	2026-04-04T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90303
published_at	2026-04-07T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90318
published_at	2026-04-08T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90325
published_at	2026-04-09T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90333
published_at	2026-04-11T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90332
published_at	2026-04-12T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90326
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2716

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220607
reference_id	1220607
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220607

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-54

reference_id

mfsa2015-54

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-54

reference_url	https://access.redhat.com/errata/RHSA-2015:0988
reference_id	RHSA-2015:0988
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0988

reference_url	https://access.redhat.com/errata/RHSA-2015:1012
reference_id	RHSA-2015:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1012

reference_url	https://access.redhat.com/errata/RHSA-2020:1011
reference_id	RHSA-2020:1011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1011

reference_url	https://access.redhat.com/errata/RHSA-2020:2508
reference_id	RHSA-2020:2508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2508

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

reference_url	https://usn.ubuntu.com/2603-1/
reference_id	USN-2603-1
reference_type
scores
url	https://usn.ubuntu.com/2603-1/

fixed_packages

aliases

CVE-2015-2716

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-55t4-7jnq-j7fx

url

VCID-et32-whyj-dyev

vulnerability_id

VCID-et32-whyj-dyev

summary

Security researcher Joshua Drake reported potential integer overflows in the libstagefright library while processing video sample metadata in MPEG4 video files. This can lead to a potentially exploitable crash.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4496.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4496.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4496

reference_id

reference_type

scores

value	0.01513
scoring_system	epss
scoring_elements	0.81249
published_at	2026-04-16T12:55:00Z

value	0.01513
scoring_system	epss
scoring_elements	0.81149
published_at	2026-04-01T12:55:00Z

value	0.01513
scoring_system	epss
scoring_elements	0.81158
published_at	2026-04-02T12:55:00Z

value	0.01513
scoring_system	epss
scoring_elements	0.81182
published_at	2026-04-04T12:55:00Z

value	0.01513
scoring_system	epss
scoring_elements	0.81181
published_at	2026-04-07T12:55:00Z

value	0.01513
scoring_system	epss
scoring_elements	0.81208
published_at	2026-04-08T12:55:00Z

value	0.01513
scoring_system	epss
scoring_elements	0.81214
published_at	2026-04-09T12:55:00Z

value	0.01513
scoring_system	epss
scoring_elements	0.81234
published_at	2026-04-11T12:55:00Z

value	0.01513
scoring_system	epss
scoring_elements	0.8122
published_at	2026-04-12T12:55:00Z

value	0.01513
scoring_system	epss
scoring_elements	0.81213
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4496

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1253550
reference_id	1253550
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1253550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4496
reference_id	CVE-2015-4496
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4496

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-93

reference_id

mfsa2015-93

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-93

reference_url	https://access.redhat.com/errata/RHSA-2015:0988
reference_id	RHSA-2015:0988
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0988

fixed_packages

aliases

CVE-2015-4496

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-et32-whyj-dyev

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@38.0-3%3Farch=el7_1

Package Instance