Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/tfm-rubygem-clamp@1.0.0-8?arch=el7sat

Type rpm

Namespace redhat

Name tfm-rubygem-clamp

Version 1.0.0-8

Qualifiers

arch	el7sat

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-2a6m-asyd-8uax

vulnerability_id

VCID-2a6m-asyd-8uax

summary

Exposure of Sensitive Information to an Unauthorized Actor
The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.

references

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182414.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182414.html

reference_url

http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html

reference_url

http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2166.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2166.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2166

reference_id

reference_type

scores

value	0.00271
scoring_system	epss
scoring_elements	0.50765
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2166

reference_url

https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=a058585

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=a058585

reference_url

https://issues.apache.org/jira/browse/PROTON-1157

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/PROTON-1157

reference_url

https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d@%3Ccommits.qpid.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d@%3Ccommits.qpid.apache.org%3E

reference_url

http://www.securityfocus.com/archive/1/537864/100/0/threaded

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/archive/1/537864/100/0/threaded

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1320842
reference_id	1320842
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1320842

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2166

reference_id

CVE-2016-2166

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2166

reference_url

https://github.com/advisories/GHSA-f5cf-f7px-xpmh

reference_id

GHSA-f5cf-f7px-xpmh

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-f5cf-f7px-xpmh

fixed_packages

aliases

CVE-2016-2166, GHSA-f5cf-f7px-xpmh

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-2a6m-asyd-8uax

url

VCID-2bvt-36z3-9qar

vulnerability_id

VCID-2bvt-36z3-9qar

summary

Potential Denial of Service Vulnerability
Carefully crafted requests can cause a `SystemStackError` and potentially cause a denial of service attack.

references

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164173.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164173.html

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165180.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165180.html

reference_url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00040.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00040.html

reference_url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00043.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00043.html

reference_url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00044.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00044.html

reference_url

http://openwall.com/lists/oss-security/2015/06/16/14

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://openwall.com/lists/oss-security/2015/06/16/14

reference_url

http://rhn.redhat.com/errata/RHSA-2015-2290.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2015-2290.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3225.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3225.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3225

reference_id

reference_type

scores

value	0.13251
scoring_system	epss
scoring_elements	0.94282
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3225

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225

reference_url

https://github.com/rack/rack

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rack/rack

reference_url

https://github.com/rack/rack/blob/master/HISTORY.md

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rack/rack/blob/master/HISTORY.md

reference_url	https://github.com/rack/rack/commits/1.4.6
reference_id
reference_type
scores
url	https://github.com/rack/rack/commits/1.4.6

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2015-3225.yml

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2015-3225.yml

reference_url

https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-3225

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-3225

reference_url

http://www.debian.org/security/2015/dsa-3322

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2015/dsa-3322

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1232292
reference_id	1232292
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1232292

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789311
reference_id	789311
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789311

reference_url	https://access.redhat.com/errata/RHSA-2015:2290
reference_id	RHSA-2015:2290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2290

fixed_packages

aliases

CVE-2015-3225, GHSA-rgr4-9jh5-j4j6

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-2bvt-36z3-9qar

url

VCID-8jj4-fqt3-xbhy

vulnerability_id

VCID-8jj4-fqt3-xbhy

summary

v8: multiple vulnerabilities fixed in Google Chrome version 33.0.1750.146

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6668.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6668.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6668

reference_id

reference_type

scores

value	0.1282
scoring_system	epss
scoring_elements	0.94157
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6653
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6653

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6654
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6654

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6655
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6655

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6656
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6656

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6657
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6657

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6658
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6658

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6659
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6659

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6660
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6660

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6661
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6661

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6663
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6663

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6664
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6664

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6666
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6666

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6667
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6667

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6668
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1700
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1700

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1701
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1701

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1702
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1702

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1703
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1703

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1704
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1704

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1715
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1715

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1074737
reference_id	1074737
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1074737

reference_url	https://security.gentoo.org/glsa/201403-01
reference_id	GLSA-201403-01
reference_type
scores
url	https://security.gentoo.org/glsa/201403-01

reference_url	https://access.redhat.com/errata/RHSA-2014:1744
reference_id	RHSA-2014:1744
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1744

fixed_packages

aliases

CVE-2013-6668

risk_score

0.1

exploitability

0.5

weighted_severity

0.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-8jj4-fqt3-xbhy

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tfm-rubygem-clamp@1.0.0-8%3Farch=el7sat

Package Instance