Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/openstack-cinder@2012.2.3-4?arch=el6ost
Typerpm
Namespaceredhat
Nameopenstack-cinder
Version2012.2.3-4
Qualifiers
arch el6ost
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-8yfq-hpqh-zqcp
vulnerability_id VCID-8yfq-hpqh-zqcp
summary 
XML External Entity (XXE) in Django
The XML libraries for Python as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.
references
0
reference_url http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
1
reference_url http://bugs.python.org/issue17239
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://bugs.python.org/issue17239
2
reference_url http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0657.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0657.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-0658.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0658.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-0670.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0670.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1665.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1665.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1665
reference_id
reference_type
scores
0
value 0.02995
scoring_system epss
scoring_elements 0.86572
published_at 2026-04-16T12:55:00Z
1
value 0.02995
scoring_system epss
scoring_elements 0.86495
published_at 2026-04-01T12:55:00Z
2
value 0.02995
scoring_system epss
scoring_elements 0.86505
published_at 2026-04-02T12:55:00Z
3
value 0.02995
scoring_system epss
scoring_elements 0.86524
published_at 2026-04-04T12:55:00Z
4
value 0.02995
scoring_system epss
scoring_elements 0.86523
published_at 2026-04-07T12:55:00Z
5
value 0.02995
scoring_system epss
scoring_elements 0.86543
published_at 2026-04-08T12:55:00Z
6
value 0.02995
scoring_system epss
scoring_elements 0.86553
published_at 2026-04-09T12:55:00Z
7
value 0.02995
scoring_system epss
scoring_elements 0.86567
published_at 2026-04-11T12:55:00Z
8
value 0.02995
scoring_system epss
scoring_elements 0.86564
published_at 2026-04-12T12:55:00Z
9
value 0.02995
scoring_system epss
scoring_elements 0.86557
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1665
8
reference_url https://bugs.launchpad.net/keystone/+bug/1100279
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/keystone/+bug/1100279
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1665
10
reference_url https://github.com/django/django/commit/1c60d07ba23e0350351c278ad28d0bd5aa410b40
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1c60d07ba23e0350351c278ad28d0bd5aa410b40
11
reference_url https://github.com/django/django/commit/d19a27066b2247102e65412aa66917aff0091112
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d19a27066b2247102e65412aa66917aff0091112
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1665
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1665
13
reference_url http://ubuntu.com/usn/usn-1757-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1757-1
14
reference_url http://www.debian.org/security/2013/dsa-2634
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2634
15
reference_url http://www.openwall.com/lists/oss-security/2013/02/19/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/19/2
16
reference_url http://www.openwall.com/lists/oss-security/2013/02/19/4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/19/4
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700948
reference_id 700948
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700948
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=912982
reference_id 912982
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=912982
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone_essex:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:keystone_essex:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone_essex:-:*:*:*:*:*:*:*
21
reference_url https://github.com/advisories/GHSA-x64m-686f-fmm3
reference_id GHSA-x64m-686f-fmm3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x64m-686f-fmm3
22
reference_url https://access.redhat.com/errata/RHSA-2013:0596
reference_id RHSA-2013:0596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0596
23
reference_url https://access.redhat.com/errata/RHSA-2013:0657
reference_id RHSA-2013:0657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0657
24
reference_url https://access.redhat.com/errata/RHSA-2013:0658
reference_id RHSA-2013:0658
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0658
25
reference_url https://access.redhat.com/errata/RHSA-2013:0670
reference_id RHSA-2013:0670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0670
26
reference_url https://usn.ubuntu.com/1730-1/
reference_id USN-1730-1
reference_type
scores
url https://usn.ubuntu.com/1730-1/
27
reference_url https://usn.ubuntu.com/1757-1/
reference_id USN-1757-1
reference_type
scores
url https://usn.ubuntu.com/1757-1/
fixed_packages
aliases CVE-2013-1665, GHSA-x64m-686f-fmm3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8yfq-hpqh-zqcp
1
url VCID-t88t-p8tx-cfcu
vulnerability_id VCID-t88t-p8tx-cfcu
summary 
Multiple vulnerabilities have been found in libxml2, allowing
    remote attackers to execute arbitrary code or cause Denial of Service.
references
0
reference_url http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
1
reference_url http://bugs.python.org/issue17239
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://bugs.python.org/issue17239
2
reference_url http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0657.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0657.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-0658.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0658.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-0670.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0670.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1664.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1664.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1664
reference_id
reference_type
scores
0
value 0.03938
scoring_system epss
scoring_elements 0.88312
published_at 2026-04-07T12:55:00Z
1
value 0.03938
scoring_system epss
scoring_elements 0.88293
published_at 2026-04-02T12:55:00Z
2
value 0.03938
scoring_system epss
scoring_elements 0.88353
published_at 2026-04-16T12:55:00Z
3
value 0.03938
scoring_system epss
scoring_elements 0.8834
published_at 2026-04-13T12:55:00Z
4
value 0.03938
scoring_system epss
scoring_elements 0.88348
published_at 2026-04-11T12:55:00Z
5
value 0.03938
scoring_system epss
scoring_elements 0.88338
published_at 2026-04-09T12:55:00Z
6
value 0.03938
scoring_system epss
scoring_elements 0.88332
published_at 2026-04-08T12:55:00Z
7
value 0.03938
scoring_system epss
scoring_elements 0.88285
published_at 2026-04-01T12:55:00Z
8
value 0.03938
scoring_system epss
scoring_elements 0.88308
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1664
8
reference_url https://bugs.launchpad.net/nova/+bug/1100282
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1100282
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1664
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1664
10
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
11
reference_url https://github.com/django/django/commit/1c60d07ba23e0350351c278ad28d0bd5aa410b40
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1c60d07ba23e0350351c278ad28d0bd5aa410b40
12
reference_url https://github.com/django/django/commit/d19a27066b2247102e65412aa66917aff0091112
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d19a27066b2247102e65412aa66917aff0091112
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1664
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1664
14
reference_url http://ubuntu.com/usn/usn-1757-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1757-1
15
reference_url http://www.openwall.com/lists/oss-security/2013/02/19/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/19/2
16
reference_url http://www.openwall.com/lists/oss-security/2013/02/19/4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/19/4
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700948
reference_id 700948
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700948
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700949
reference_id 700949
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700949
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700950
reference_id 700950
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700950
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=913808
reference_id 913808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=913808
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:cinder_folsom:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:cinder_folsom:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:cinder_folsom:-:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:compute_\(nova\)_essex:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:compute_\(nova\)_essex:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:compute_\(nova\)_essex:-:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:compute_\(nova\)_folsom:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:compute_\(nova\)_folsom:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:compute_\(nova\)_folsom:-:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone_essex:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:keystone_essex:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone_essex:-:*:*:*:*:*:*:*
27
reference_url https://github.com/advisories/GHSA-qrh7-x6fp-c2mp
reference_id GHSA-qrh7-x6fp-c2mp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qrh7-x6fp-c2mp
28
reference_url https://security.gentoo.org/glsa/201311-06
reference_id GLSA-201311-06
reference_type
scores
url https://security.gentoo.org/glsa/201311-06
29
reference_url https://security.gentoo.org/glsa/201412-11
reference_id GLSA-201412-11
reference_type
scores
url https://security.gentoo.org/glsa/201412-11
30
reference_url https://access.redhat.com/errata/RHSA-2013:0596
reference_id RHSA-2013:0596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0596
31
reference_url https://access.redhat.com/errata/RHSA-2013:0657
reference_id RHSA-2013:0657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0657
32
reference_url https://access.redhat.com/errata/RHSA-2013:0658
reference_id RHSA-2013:0658
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0658
33
reference_url https://access.redhat.com/errata/RHSA-2013:0670
reference_id RHSA-2013:0670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0670
34
reference_url https://usn.ubuntu.com/1730-1/
reference_id USN-1730-1
reference_type
scores
url https://usn.ubuntu.com/1730-1/
35
reference_url https://usn.ubuntu.com/1731-1/
reference_id USN-1731-1
reference_type
scores
url https://usn.ubuntu.com/1731-1/
36
reference_url https://usn.ubuntu.com/1734-1/
reference_id USN-1734-1
reference_type
scores
url https://usn.ubuntu.com/1734-1/
37
reference_url https://usn.ubuntu.com/1757-1/
reference_id USN-1757-1
reference_type
scores
url https://usn.ubuntu.com/1757-1/
fixed_packages
aliases CVE-2013-1664, GHSA-qrh7-x6fp-c2mp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t88t-p8tx-cfcu
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-cinder@2012.2.3-4%3Farch=el6ost