Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/tfm-rubygem-fog-openstack@0.1.18-1?arch=el7sat

Type rpm

Namespace redhat

Name tfm-rubygem-fog-openstack

Version 0.1.18-1

Qualifiers

arch	el7sat

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-nf83-z2xy-5yae

vulnerability_id VCID-nf83-z2xy-5yae

summary v8: multiple vulnerabilities fixed in Google Chrome version 33.0.1750.146

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6668.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6668.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6668

reference_id

reference_type

scores

value	0.1282
scoring_system	epss
scoring_elements	0.94139
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6653
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6653

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6654
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6654

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6655
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6655

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6656
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6656

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6657
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6657

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6658
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6658

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6659
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6659

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6660
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6660

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6661
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6661

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6663
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6663

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6664
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6664

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6666
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6666

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6667
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6667

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6668
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1700
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1700

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1701
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1701

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1702
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1702

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1703
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1703

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1704
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1704

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1715
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1715

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1074737
reference_id	1074737
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1074737

reference_url	https://security.gentoo.org/glsa/201403-01
reference_id	GLSA-201403-01
reference_type
scores
url	https://security.gentoo.org/glsa/201403-01

reference_url	https://access.redhat.com/errata/RHSA-2014:1744
reference_id	RHSA-2014:1744
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1744

fixed_packages

aliases CVE-2013-6668

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nf83-z2xy-5yae

url VCID-rg39-bur5-67e3

vulnerability_id VCID-rg39-bur5-67e3

summary

Rack vulnerable to Denial of Service via large parameter depth request
lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.

references

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164173.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164173.html

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165180.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165180.html

reference_url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00040.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00040.html

reference_url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00043.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00043.html

reference_url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00044.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2015-07/msg00044.html

reference_url

http://openwall.com/lists/oss-security/2015/06/16/14

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://openwall.com/lists/oss-security/2015/06/16/14

reference_url

http://rhn.redhat.com/errata/RHSA-2015-2290.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2015-2290.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3225.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3225.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3225

reference_id

reference_type

scores

value	0.13251
scoring_system	epss
scoring_elements	0.94266
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3225

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225

reference_url

https://github.com/rack/rack

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rack/rack

reference_url

https://github.com/rack/rack/blob/master/HISTORY.md

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rack/rack/blob/master/HISTORY.md

reference_url	https://github.com/rack/rack/commits/1.4.6
reference_id
reference_type
scores
url	https://github.com/rack/rack/commits/1.4.6

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2015-3225.yml

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2015-3225.yml

reference_url

https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-3225

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-3225

reference_url

http://www.debian.org/security/2015/dsa-3322

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2015/dsa-3322

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1232292
reference_id	1232292
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1232292

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789311
reference_id	789311
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789311

reference_url

https://github.com/advisories/GHSA-rgr4-9jh5-j4j6

reference_id

GHSA-rgr4-9jh5-j4j6

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-rgr4-9jh5-j4j6

reference_url	https://access.redhat.com/errata/RHSA-2015:2290
reference_id	RHSA-2015:2290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2290

fixed_packages

aliases CVE-2015-3225, GHSA-rgr4-9jh5-j4j6

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rg39-bur5-67e3

url VCID-s95s-ucv6-p3gz

vulnerability_id VCID-s95s-ucv6-p3gz

summary

Moderate severity vulnerability that affects org.apache.qpid:proton-j
The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.

references

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182414.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182414.html

reference_url

http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html

reference_url

http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2166.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2166.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2166

reference_id

reference_type

scores

value	0.00271
scoring_system	epss
scoring_elements	0.50739
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2166

reference_url

https://github.com/advisories/GHSA-f5cf-f7px-xpmh

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-f5cf-f7px-xpmh

reference_url

https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=a058585

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=a058585

reference_url

https://issues.apache.org/jira/browse/PROTON-1157

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/PROTON-1157

reference_url

https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d@%3Ccommits.qpid.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d@%3Ccommits.qpid.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2166

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2166

reference_url

http://www.securityfocus.com/archive/1/537864/100/0/threaded

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/archive/1/537864/100/0/threaded

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1320842
reference_id	1320842
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1320842

fixed_packages

aliases CVE-2016-2166, GHSA-f5cf-f7px-xpmh

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s95s-ucv6-p3gz

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tfm-rubygem-fog-openstack@0.1.18-1%3Farch=el7sat

Package Instance