Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/nodejs-current@15.10.0-r0?arch=x86_64&distroversion=v3.15&reponame=community
Typeapk
Namespacealpine
Namenodejs-current
Version15.10.0-r0
Qualifiers
arch x86_64
distroversion v3.15
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version16.6.0-r0
Latest_non_vulnerable_version17.3.1-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-gh7q-71uy-hbe7
vulnerability_id VCID-gh7q-71uy-hbe7
summary Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “localhost6” domain, they can still apply the attack described in CVE-2018-7160.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22884.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22884.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22884
reference_id
reference_type
scores
0
value 0.0027
scoring_system epss
scoring_elements 0.50706
published_at 2026-06-06T12:55:00Z
1
value 0.0027
scoring_system epss
scoring_elements 0.50686
published_at 2026-06-07T12:55:00Z
2
value 0.0027
scoring_system epss
scoring_elements 0.50639
published_at 2026-06-04T12:55:00Z
3
value 0.0027
scoring_system epss
scoring_elements 0.50701
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22884
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1932024
reference_id 1932024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1932024
6
reference_url https://security.archlinux.org/AVG-1604
reference_id AVG-1604
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1604
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://access.redhat.com/errata/RHSA-2021:0734
reference_id RHSA-2021:0734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0734
9
reference_url https://access.redhat.com/errata/RHSA-2021:0735
reference_id RHSA-2021:0735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0735
10
reference_url https://access.redhat.com/errata/RHSA-2021:0738
reference_id RHSA-2021:0738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0738
11
reference_url https://access.redhat.com/errata/RHSA-2021:0739
reference_id RHSA-2021:0739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0739
12
reference_url https://access.redhat.com/errata/RHSA-2021:0740
reference_id RHSA-2021:0740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0740
13
reference_url https://access.redhat.com/errata/RHSA-2021:0741
reference_id RHSA-2021:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0741
14
reference_url https://access.redhat.com/errata/RHSA-2021:0744
reference_id RHSA-2021:0744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0744
15
reference_url https://access.redhat.com/errata/RHSA-2021:0827
reference_id RHSA-2021:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0827
16
reference_url https://access.redhat.com/errata/RHSA-2021:0830
reference_id RHSA-2021:0830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0830
17
reference_url https://access.redhat.com/errata/RHSA-2021:0831
reference_id RHSA-2021:0831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0831
18
reference_url https://usn.ubuntu.com/6418-1/
reference_id USN-6418-1
reference_type
scores
url https://usn.ubuntu.com/6418-1/
fixed_packages
0
url pkg:apk/alpine/nodejs-current@15.10.0-r0?arch=x86_64&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/nodejs-current@15.10.0-r0?arch=x86_64&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs-current@15.10.0-r0%3Farch=x86_64&distroversion=v3.15&reponame=community
aliases CVE-2021-22884
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gh7q-71uy-hbe7
1
url VCID-nqqw-br3s-f7fn
vulnerability_id VCID-nqqw-br3s-f7fn
summary Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22883.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22883
reference_id
reference_type
scores
0
value 0.89427
scoring_system epss
scoring_elements 0.99564
published_at 2026-06-04T12:55:00Z
1
value 0.89427
scoring_system epss
scoring_elements 0.99566
published_at 2026-06-06T12:55:00Z
2
value 0.89427
scoring_system epss
scoring_elements 0.99565
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22883
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1932014
reference_id 1932014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1932014
6
reference_url https://security.archlinux.org/AVG-1604
reference_id AVG-1604
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1604
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://access.redhat.com/errata/RHSA-2021:0734
reference_id RHSA-2021:0734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0734
9
reference_url https://access.redhat.com/errata/RHSA-2021:0735
reference_id RHSA-2021:0735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0735
10
reference_url https://access.redhat.com/errata/RHSA-2021:0738
reference_id RHSA-2021:0738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0738
11
reference_url https://access.redhat.com/errata/RHSA-2021:0739
reference_id RHSA-2021:0739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0739
12
reference_url https://access.redhat.com/errata/RHSA-2021:0740
reference_id RHSA-2021:0740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0740
13
reference_url https://access.redhat.com/errata/RHSA-2021:0741
reference_id RHSA-2021:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0741
14
reference_url https://access.redhat.com/errata/RHSA-2021:0744
reference_id RHSA-2021:0744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0744
15
reference_url https://access.redhat.com/errata/RHSA-2021:0827
reference_id RHSA-2021:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0827
16
reference_url https://access.redhat.com/errata/RHSA-2021:0830
reference_id RHSA-2021:0830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0830
17
reference_url https://access.redhat.com/errata/RHSA-2021:0831
reference_id RHSA-2021:0831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0831
18
reference_url https://usn.ubuntu.com/6418-1/
reference_id USN-6418-1
reference_type
scores
url https://usn.ubuntu.com/6418-1/
fixed_packages
0
url pkg:apk/alpine/nodejs-current@15.10.0-r0?arch=x86_64&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/nodejs-current@15.10.0-r0?arch=x86_64&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs-current@15.10.0-r0%3Farch=x86_64&distroversion=v3.15&reponame=community
aliases CVE-2021-22883
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqqw-br3s-f7fn
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs-current@15.10.0-r0%3Farch=x86_64&distroversion=v3.15&reponame=community