Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
Typeapk
Namespacealpine
Nameunzip
Version6.0-r3
Qualifiers
arch x86_64
distroversion v3.22
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.0-r7
Latest_non_vulnerable_version6.0-r11
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-eh5k-xz8h-1ufr
vulnerability_id VCID-eh5k-xz8h-1ufr
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9844.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9844.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9844
reference_id
reference_type
scores
0
value 0.09788
scoring_system epss
scoring_elements 0.93103
published_at 2026-06-04T12:55:00Z
1
value 0.09788
scoring_system epss
scoring_elements 0.93107
published_at 2026-06-08T12:55:00Z
2
value 0.09788
scoring_system epss
scoring_elements 0.93112
published_at 2026-06-06T12:55:00Z
3
value 0.09788
scoring_system epss
scoring_elements 0.93109
published_at 2026-06-07T12:55:00Z
4
value 0.09788
scoring_system epss
scoring_elements 0.93113
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9844
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9844
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1401864
reference_id 1401864
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1401864
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847486
reference_id 847486
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847486
6
reference_url https://security.archlinux.org/AVG-611
reference_id AVG-611
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-611
7
reference_url https://usn.ubuntu.com/4672-1/
reference_id USN-4672-1
reference_type
scores
url https://usn.ubuntu.com/4672-1/
fixed_packages
0
url pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unzip@6.0-r3%3Farch=x86_64&distroversion=v3.22&reponame=main
aliases CVE-2016-9844
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eh5k-xz8h-1ufr
1
url VCID-k658-w9mb-tyfq
vulnerability_id VCID-k658-w9mb-tyfq
summary unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9636.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9636.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9636
reference_id
reference_type
scores
0
value 0.58381
scoring_system epss
scoring_elements 0.98232
published_at 2026-06-04T12:55:00Z
1
value 0.58381
scoring_system epss
scoring_elements 0.98234
published_at 2026-06-07T12:55:00Z
2
value 0.58381
scoring_system epss
scoring_elements 0.98235
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9636
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9636
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1184985
reference_id 1184985
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1184985
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776589
reference_id 776589
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776589
5
reference_url https://security.gentoo.org/glsa/201611-01
reference_id GLSA-201611-01
reference_type
scores
url https://security.gentoo.org/glsa/201611-01
6
reference_url https://access.redhat.com/errata/RHSA-2015:0700
reference_id RHSA-2015:0700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0700
7
reference_url https://usn.ubuntu.com/2489-1/
reference_id USN-2489-1
reference_type
scores
url https://usn.ubuntu.com/2489-1/
fixed_packages
0
url pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unzip@6.0-r3%3Farch=x86_64&distroversion=v3.22&reponame=main
aliases CVE-2014-9636
risk_score 0.2
exploitability 0.5
weighted_severity 0.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k658-w9mb-tyfq
2
url VCID-kst5-hvc6-6ugy
vulnerability_id VCID-kst5-hvc6-6ugy
summary Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8140.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8140.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8140
reference_id
reference_type
scores
0
value 0.09808
scoring_system epss
scoring_elements 0.93109
published_at 2026-06-04T12:55:00Z
1
value 0.09808
scoring_system epss
scoring_elements 0.93121
published_at 2026-06-05T12:55:00Z
2
value 0.09808
scoring_system epss
scoring_elements 0.93119
published_at 2026-06-06T12:55:00Z
3
value 0.09808
scoring_system epss
scoring_elements 0.93116
published_at 2026-06-07T12:55:00Z
4
value 0.09808
scoring_system epss
scoring_elements 0.93114
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8140
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1174851
reference_id 1174851
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1174851
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722
reference_id 773722
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722
7
reference_url https://security.gentoo.org/glsa/201611-01
reference_id GLSA-201611-01
reference_type
scores
url https://security.gentoo.org/glsa/201611-01
8
reference_url https://access.redhat.com/errata/RHSA-2015:0700
reference_id RHSA-2015:0700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0700
9
reference_url https://usn.ubuntu.com/2472-1/
reference_id USN-2472-1
reference_type
scores
url https://usn.ubuntu.com/2472-1/
fixed_packages
0
url pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unzip@6.0-r3%3Farch=x86_64&distroversion=v3.22&reponame=main
aliases CVE-2014-8140
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kst5-hvc6-6ugy
3
url VCID-myfq-v13h-yue6
vulnerability_id VCID-myfq-v13h-yue6
summary Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8139.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8139.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8139
reference_id
reference_type
scores
0
value 0.09808
scoring_system epss
scoring_elements 0.93109
published_at 2026-06-04T12:55:00Z
1
value 0.09808
scoring_system epss
scoring_elements 0.93121
published_at 2026-06-05T12:55:00Z
2
value 0.09808
scoring_system epss
scoring_elements 0.93119
published_at 2026-06-06T12:55:00Z
3
value 0.09808
scoring_system epss
scoring_elements 0.93116
published_at 2026-06-07T12:55:00Z
4
value 0.09808
scoring_system epss
scoring_elements 0.93114
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8139
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1174844
reference_id 1174844
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1174844
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722
reference_id 773722
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722
7
reference_url https://security.gentoo.org/glsa/201611-01
reference_id GLSA-201611-01
reference_type
scores
url https://security.gentoo.org/glsa/201611-01
8
reference_url https://access.redhat.com/errata/RHSA-2015:0700
reference_id RHSA-2015:0700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0700
9
reference_url https://usn.ubuntu.com/2472-1/
reference_id USN-2472-1
reference_type
scores
url https://usn.ubuntu.com/2472-1/
fixed_packages
0
url pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unzip@6.0-r3%3Farch=x86_64&distroversion=v3.22&reponame=main
aliases CVE-2014-8139
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myfq-v13h-yue6
4
url VCID-uf4b-432j-p3hu
vulnerability_id VCID-uf4b-432j-p3hu
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000035.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000035.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000035
reference_id
reference_type
scores
0
value 0.63564
scoring_system epss
scoring_elements 0.98439
published_at 2026-06-06T12:55:00Z
1
value 0.63564
scoring_system epss
scoring_elements 0.98434
published_at 2026-06-04T12:55:00Z
2
value 0.63564
scoring_system epss
scoring_elements 0.98438
published_at 2026-06-07T12:55:00Z
3
value 0.63564
scoring_system epss
scoring_elements 0.98437
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000035
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1537043
reference_id 1537043
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1537043
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838
reference_id 889838
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838
6
reference_url https://security.archlinux.org/AVG-611
reference_id AVG-611
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-611
7
reference_url https://security.gentoo.org/glsa/202003-58
reference_id GLSA-202003-58
reference_type
scores
url https://security.gentoo.org/glsa/202003-58
8
reference_url https://usn.ubuntu.com/4672-1/
reference_id USN-4672-1
reference_type
scores
url https://usn.ubuntu.com/4672-1/
fixed_packages
0
url pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unzip@6.0-r3%3Farch=x86_64&distroversion=v3.22&reponame=main
aliases CVE-2018-1000035
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uf4b-432j-p3hu
5
url VCID-wz9z-wubj-ffg6
vulnerability_id VCID-wz9z-wubj-ffg6
summary Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8141.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8141.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8141
reference_id
reference_type
scores
0
value 0.09808
scoring_system epss
scoring_elements 0.93109
published_at 2026-06-04T12:55:00Z
1
value 0.09808
scoring_system epss
scoring_elements 0.93121
published_at 2026-06-05T12:55:00Z
2
value 0.09808
scoring_system epss
scoring_elements 0.93119
published_at 2026-06-06T12:55:00Z
3
value 0.09808
scoring_system epss
scoring_elements 0.93116
published_at 2026-06-07T12:55:00Z
4
value 0.09808
scoring_system epss
scoring_elements 0.93114
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8141
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1174856
reference_id 1174856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1174856
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722
reference_id 773722
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722
7
reference_url https://security.gentoo.org/glsa/201611-01
reference_id GLSA-201611-01
reference_type
scores
url https://security.gentoo.org/glsa/201611-01
8
reference_url https://access.redhat.com/errata/RHSA-2015:0700
reference_id RHSA-2015:0700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0700
9
reference_url https://usn.ubuntu.com/2472-1/
reference_id USN-2472-1
reference_type
scores
url https://usn.ubuntu.com/2472-1/
fixed_packages
0
url pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unzip@6.0-r3%3Farch=x86_64&distroversion=v3.22&reponame=main
aliases CVE-2014-8141
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wz9z-wubj-ffg6
6
url VCID-zzw3-avu4-wqa8
vulnerability_id VCID-zzw3-avu4-wqa8
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9913.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9913.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9913
reference_id
reference_type
scores
0
value 0.0459
scoring_system epss
scoring_elements 0.89418
published_at 2026-06-04T12:55:00Z
1
value 0.0459
scoring_system epss
scoring_elements 0.89436
published_at 2026-06-08T12:55:00Z
2
value 0.0459
scoring_system epss
scoring_elements 0.89435
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9913
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9913
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9913
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1401865
reference_id 1401865
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1401865
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847485
reference_id 847485
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847485
6
reference_url https://security.archlinux.org/AVG-611
reference_id AVG-611
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-611
7
reference_url https://usn.ubuntu.com/4672-1/
reference_id USN-4672-1
reference_type
scores
url https://usn.ubuntu.com/4672-1/
fixed_packages
0
url pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/unzip@6.0-r3?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unzip@6.0-r3%3Farch=x86_64&distroversion=v3.22&reponame=main
aliases CVE-2014-9913
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zzw3-avu4-wqa8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/unzip@6.0-r3%3Farch=x86_64&distroversion=v3.22&reponame=main