Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:ebuild/app-emulation/qemu@2.3.0-r4
Typeebuild
Namespaceapp-emulation
Nameqemu
Version2.3.0-r4
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.5.0-r1
Latest_non_vulnerable_version8.0.0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-5e41-v564-xub1
vulnerability_id VCID-5e41-v564-xub1
summary Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3209.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3209.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3209
reference_id
reference_type
scores
0
value 0.18024
scoring_system epss
scoring_elements 0.95288
published_at 2026-06-04T12:55:00Z
1
value 0.18024
scoring_system epss
scoring_elements 0.95296
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3209
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4037
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4037
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4103
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4103
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4104
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4104
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4105
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4105
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4106
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4106
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4163
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4164
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1225882
reference_id 1225882
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1225882
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788460
reference_id 788460
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788460
12
reference_url https://security.gentoo.org/glsa/201510-02
reference_id GLSA-201510-02
reference_type
scores
url https://security.gentoo.org/glsa/201510-02
13
reference_url https://security.gentoo.org/glsa/201604-03
reference_id GLSA-201604-03
reference_type
scores
url https://security.gentoo.org/glsa/201604-03
14
reference_url https://access.redhat.com/errata/RHSA-2015:1087
reference_id RHSA-2015:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1087
15
reference_url https://access.redhat.com/errata/RHSA-2015:1088
reference_id RHSA-2015:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1088
16
reference_url https://access.redhat.com/errata/RHSA-2015:1089
reference_id RHSA-2015:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1089
17
reference_url https://access.redhat.com/errata/RHSA-2015:1189
reference_id RHSA-2015:1189
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1189
18
reference_url https://usn.ubuntu.com/2630-1/
reference_id USN-2630-1
reference_type
scores
url https://usn.ubuntu.com/2630-1/
19
reference_url https://xenbits.xen.org/xsa/advisory-135.html
reference_id XSA-135
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-135.html
fixed_packages
0
url pkg:ebuild/app-emulation/qemu@2.3.0-r4
purl pkg:ebuild/app-emulation/qemu@2.3.0-r4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.3.0-r4
aliases CVE-2015-3209
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5e41-v564-xub1
1
url VCID-d26x-7mqx-5kh5
vulnerability_id VCID-d26x-7mqx-5kh5
summary The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3214.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3214.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3214
reference_id
reference_type
scores
0
value 0.01593
scoring_system epss
scoring_elements 0.82
published_at 2026-06-04T12:55:00Z
1
value 0.01593
scoring_system epss
scoring_elements 0.82034
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3214
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3214
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5154
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5154
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5165
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5165
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5225
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5745
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5745
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1229640
reference_id 1229640
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1229640
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795461
reference_id 795461
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795461
9
reference_url https://code.google.com/p/google-security-research/issues/detail?id=419#c4
reference_id CVE-2015-3214;OSVDB-123468
reference_type exploit
scores
url https://code.google.com/p/google-security-research/issues/detail?id=419#c4
10
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/37990.txt
reference_id CVE-2015-3214;OSVDB-123468
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/37990.txt
11
reference_url https://security.gentoo.org/glsa/201510-02
reference_id GLSA-201510-02
reference_type
scores
url https://security.gentoo.org/glsa/201510-02
12
reference_url https://access.redhat.com/errata/RHSA-2015:1507
reference_id RHSA-2015:1507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1507
13
reference_url https://access.redhat.com/errata/RHSA-2015:1508
reference_id RHSA-2015:1508
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1508
14
reference_url https://access.redhat.com/errata/RHSA-2015:1512
reference_id RHSA-2015:1512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1512
15
reference_url https://usn.ubuntu.com/2692-1/
reference_id USN-2692-1
reference_type
scores
url https://usn.ubuntu.com/2692-1/
fixed_packages
0
url pkg:ebuild/app-emulation/qemu@2.3.0-r4
purl pkg:ebuild/app-emulation/qemu@2.3.0-r4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.3.0-r4
aliases CVE-2015-3214
risk_score null
exploitability 2.0
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d26x-7mqx-5kh5
2
url VCID-mtyw-7hrb-jyha
vulnerability_id VCID-mtyw-7hrb-jyha
summary Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5154.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5154.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5154
reference_id
reference_type
scores
0
value 0.00388
scoring_system epss
scoring_elements 0.60187
published_at 2026-06-04T12:55:00Z
1
value 0.00388
scoring_system epss
scoring_elements 0.60234
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5154
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3214
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5154
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5154
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5165
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5165
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5225
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5745
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5745
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1243563
reference_id 1243563
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1243563
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793811
reference_id 793811
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793811
9
reference_url https://security.gentoo.org/glsa/201510-02
reference_id GLSA-201510-02
reference_type
scores
url https://security.gentoo.org/glsa/201510-02
10
reference_url https://security.gentoo.org/glsa/201604-03
reference_id GLSA-201604-03
reference_type
scores
url https://security.gentoo.org/glsa/201604-03
11
reference_url https://access.redhat.com/errata/RHSA-2015:1507
reference_id RHSA-2015:1507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1507
12
reference_url https://access.redhat.com/errata/RHSA-2015:1508
reference_id RHSA-2015:1508
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1508
13
reference_url https://access.redhat.com/errata/RHSA-2015:1512
reference_id RHSA-2015:1512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1512
14
reference_url https://usn.ubuntu.com/2692-1/
reference_id USN-2692-1
reference_type
scores
url https://usn.ubuntu.com/2692-1/
15
reference_url https://xenbits.xen.org/xsa/advisory-138.html
reference_id XSA-138
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-138.html
fixed_packages
0
url pkg:ebuild/app-emulation/qemu@2.3.0-r4
purl pkg:ebuild/app-emulation/qemu@2.3.0-r4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.3.0-r4
aliases CVE-2015-5154
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mtyw-7hrb-jyha
3
url VCID-vgfq-vf5j-7bf6
vulnerability_id VCID-vgfq-vf5j-7bf6
summary Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in a SCSI command descriptor block.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5158.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5158.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5158
reference_id
reference_type
scores
0
value 0.00081
scoring_system epss
scoring_elements 0.23873
published_at 2026-06-04T12:55:00Z
1
value 0.00081
scoring_system epss
scoring_elements 0.23967
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5158
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5158
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5158
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1244332
reference_id 1244332
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1244332
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793388
reference_id 793388
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793388
5
reference_url https://security.gentoo.org/glsa/201510-02
reference_id GLSA-201510-02
reference_type
scores
url https://security.gentoo.org/glsa/201510-02
6
reference_url https://usn.ubuntu.com/2692-1/
reference_id USN-2692-1
reference_type
scores
url https://usn.ubuntu.com/2692-1/
fixed_packages
0
url pkg:ebuild/app-emulation/qemu@2.3.0-r4
purl pkg:ebuild/app-emulation/qemu@2.3.0-r4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.3.0-r4
aliases CVE-2015-5158
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vgfq-vf5j-7bf6
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.3.0-r4