Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/pound@2.6-2?distro=trixie

Type deb

Namespace debian

Name pound

Version 2.6-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.6-3

Latest_non_vulnerable_version 4.23-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-64mt-9155-tkbv

vulnerability_id VCID-64mt-9155-tkbv

summary The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3389

reference_id

reference_type

scores

value	0.03832
scoring_system	epss
scoring_elements	0.88361
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3389

reference_url

https://curl.se/docs/CVE-2011-3389.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2011-3389.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=737506
reference_id	737506
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=737506

reference_url	https://security.gentoo.org/glsa/201111-02
reference_id	GLSA-201111-02
reference_type
scores
url	https://security.gentoo.org/glsa/201111-02

reference_url	https://security.gentoo.org/glsa/201203-02
reference_id	GLSA-201203-02
reference_type
scores
url	https://security.gentoo.org/glsa/201203-02

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url	https://security.gentoo.org/glsa/201406-32
reference_id	GLSA-201406-32
reference_type
scores
url	https://security.gentoo.org/glsa/201406-32

reference_url	https://access.redhat.com/errata/RHSA-2011:1380
reference_id	RHSA-2011:1380
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1380

reference_url	https://access.redhat.com/errata/RHSA-2011:1384
reference_id	RHSA-2011:1384
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1384

reference_url	https://access.redhat.com/errata/RHSA-2012:0006
reference_id	RHSA-2012:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0006

reference_url	https://access.redhat.com/errata/RHSA-2012:0034
reference_id	RHSA-2012:0034
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0034

reference_url	https://access.redhat.com/errata/RHSA-2012:0343
reference_id	RHSA-2012:0343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0343

reference_url	https://access.redhat.com/errata/RHSA-2012:0508
reference_id	RHSA-2012:0508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0508

reference_url	https://access.redhat.com/errata/RHSA-2013:1455
reference_id	RHSA-2013:1455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1455

fixed_packages

url	pkg:deb/debian/pound@2.6-2?distro=trixie
purl	pkg:deb/debian/pound@2.6-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@2.6-2%3Fdistro=trixie

url	pkg:deb/debian/pound@3.0-2?distro=trixie
purl	pkg:deb/debian/pound@3.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@3.0-2%3Fdistro=trixie

url	pkg:deb/debian/pound@4.16-3?distro=trixie
purl	pkg:deb/debian/pound@4.16-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@4.16-3%3Fdistro=trixie

url	pkg:deb/debian/pound@4.23-1?distro=trixie
purl	pkg:deb/debian/pound@4.23-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@4.23-1%3Fdistro=trixie

url	pkg:deb/debian/pound@4.23-2?distro=trixie
purl	pkg:deb/debian/pound@4.23-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@4.23-2%3Fdistro=trixie

aliases CVE-2011-3389

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-64mt-9155-tkbv

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@2.6-2%3Fdistro=trixie

Package Instance