Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/radare2@5.6.6-r0?arch=loongarch64&distroversion=v3.24&reponame=community

Type apk

Namespace alpine

Name radare2

Version 5.6.6-r0

Qualifiers

arch	loongarch64
distroversion	v3.24
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 5.6.8-r0

Latest_non_vulnerable_version 5.8.2-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5q7e-1gat-5kdd

vulnerability_id VCID-5q7e-1gat-5kdd

summary Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1052

reference_id

reference_type

scores

value	0.0014
scoring_system	epss
scoring_elements	0.33866
published_at	2026-06-11T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34043
published_at	2026-06-12T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34064
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1052

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478
reference_id	1014478
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478

fixed_packages

url	pkg:apk/alpine/radare2@5.6.6-r0?arch=loongarch64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/radare2@5.6.6-r0?arch=loongarch64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.6.6-r0%3Farch=loongarch64&distroversion=v3.24&reponame=community

aliases CVE-2022-1052

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5q7e-1gat-5kdd

url VCID-71rv-1z7f-dyg4

vulnerability_id VCID-71rv-1z7f-dyg4

summary Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1240

reference_id

reference_type

scores

value	0.0017
scoring_system	epss
scoring_elements	0.38028
published_at	2026-06-11T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38204
published_at	2026-06-12T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.3823
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1240

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478
reference_id	1014478
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478

fixed_packages

url	pkg:apk/alpine/radare2@5.6.6-r0?arch=loongarch64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/radare2@5.6.6-r0?arch=loongarch64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.6.6-r0%3Farch=loongarch64&distroversion=v3.24&reponame=community

aliases CVE-2022-1240

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-71rv-1z7f-dyg4

url VCID-bepe-fna1-a3fe

vulnerability_id VCID-bepe-fna1-a3fe

summary Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1031

reference_id

reference_type

scores

value	0.00273
scoring_system	epss
scoring_elements	0.51008
published_at	2026-06-11T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.51139
published_at	2026-06-12T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.51154
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1031

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478
reference_id	1014478
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478

fixed_packages

url	pkg:apk/alpine/radare2@5.6.6-r0?arch=loongarch64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/radare2@5.6.6-r0?arch=loongarch64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.6.6-r0%3Farch=loongarch64&distroversion=v3.24&reponame=community

aliases CVE-2022-1031

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bepe-fna1-a3fe

url VCID-gjzt-dqnt-t3de

vulnerability_id VCID-gjzt-dqnt-t3de

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0849

reference_id

reference_type

scores

value	0.00254
scoring_system	epss
scoring_elements	0.48976
published_at	2026-06-11T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.49112
published_at	2026-06-12T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.4913
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0849

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478
reference_id	1014478
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478

fixed_packages

url	pkg:apk/alpine/radare2@5.6.6-r0?arch=loongarch64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/radare2@5.6.6-r0?arch=loongarch64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.6.6-r0%3Farch=loongarch64&distroversion=v3.24&reponame=community

aliases CVE-2022-0849

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gjzt-dqnt-t3de

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.6.6-r0%3Farch=loongarch64&distroversion=v3.24&reponame=community

Package Instance