Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/ruby-commonmarker@0.23.4-1?distro=trixie

Type deb

Namespace debian

Name ruby-commonmarker

Version 0.23.4-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0.23.10-1

Latest_non_vulnerable_version 0.23.10-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3ngu-1qyq-5ub2

vulnerability_id VCID-3ngu-1qyq-5ub2

summary cmark-gfm: possible RCE due to integer overflow

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24724.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24724.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24724

reference_id

reference_type

scores

value	0.04189
scoring_system	epss
scoring_elements	0.88895
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24724
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24724

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006756
reference_id	1006756
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006756

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006757
reference_id	1006757
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006757

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006758
reference_id	1006758
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006758

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006759
reference_id	1006759
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006759

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006760
reference_id	1006760
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006760

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2060662
reference_id	2060662
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2060662

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5CYUU662VO6CCXQKVZVOHXX3RGIF2DLQ/

reference_id

5CYUU662VO6CCXQKVZVOHXX3RGIF2DLQ

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5CYUU662VO6CCXQKVZVOHXX3RGIF2DLQ/

reference_url

http://packetstormsecurity.com/files/166599/cmark-gfm-Integer-overflow.html

reference_id

cmark-gfm-Integer-overflow.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:15Z/

url

http://packetstormsecurity.com/files/166599/cmark-gfm-Integer-overflow.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7V3HAM5H6YFJG2QFEXACZR3XVWFTXTC/

reference_id

F7V3HAM5H6YFJG2QFEXACZR3XVWFTXTC

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7V3HAM5H6YFJG2QFEXACZR3XVWFTXTC/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KH4UQA6VWVZU5EW3HNEAB7D7BTCNJSJ2/

reference_id

KH4UQA6VWVZU5EW3HNEAB7D7BTCNJSJ2

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KH4UQA6VWVZU5EW3HNEAB7D7BTCNJSJ2/

reference_url	https://access.redhat.com/errata/RHSA-2022:5597
reference_id	RHSA-2022:5597
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5597

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSKUOJ2VAYGTJXPDE2RRPMNLVVMKCI77/

reference_id

RSKUOJ2VAYGTJXPDE2RRPMNLVVMKCI77

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSKUOJ2VAYGTJXPDE2RRPMNLVVMKCI77/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJBFIJEHJZEEDG6MO4MQHZYKUXELH77O/

reference_id

TJBFIJEHJZEEDG6MO4MQHZYKUXELH77O

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJBFIJEHJZEEDG6MO4MQHZYKUXELH77O/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55K6VNVKO2G5SNKRCQ2KDG5SKTX5PVV/

reference_id

Z55K6VNVKO2G5SNKRCQ2KDG5SKTX5PVV

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55K6VNVKO2G5SNKRCQ2KDG5SKTX5PVV/

fixed_packages

url	pkg:deb/debian/ruby-commonmarker@0.23.4-1?distro=trixie
purl	pkg:deb/debian/ruby-commonmarker@0.23.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-commonmarker@0.23.4-1%3Fdistro=trixie

url pkg:deb/debian/ruby-commonmarker@0.23.6-1?distro=trixie

purl pkg:deb/debian/ruby-commonmarker@0.23.6-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2an8-zxae-hffk

vulnerability	VCID-3hpr-vga4-kucr

vulnerability	VCID-cr2f-h3ds-m7bp

vulnerability	VCID-fjt6-mbum-gkdh

vulnerability	VCID-g272-pad7-t7bp

vulnerability	VCID-rfcv-sua7-uke4

vulnerability	VCID-u5p8-6fkp-byap

vulnerability	VCID-vapm-4zu8-d7ba

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-commonmarker@0.23.6-1%3Fdistro=trixie

url	pkg:deb/debian/ruby-commonmarker@0.23.10-1?distro=trixie
purl	pkg:deb/debian/ruby-commonmarker@0.23.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-commonmarker@0.23.10-1%3Fdistro=trixie

aliases CVE-2022-24724

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ngu-1qyq-5ub2

url VCID-q8rv-ktdr-q7ep

vulnerability_id VCID-q8rv-ktdr-q7ep

summary commonmarker: integer overflow in cmark-gfm's table row parsing may lead to heap memory corruption

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22051.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22051.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-22051

reference_id

reference_type

scores

value	0.12055
scoring_system	epss
scoring_elements	0.93903
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-22051

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22051
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22051

reference_url

https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-08T18:15:45Z/

url

https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x

reference_url

https://github.com/gjtorikian/commonmarker

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/gjtorikian/commonmarker

reference_url

https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-08T18:15:45Z/

url

https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3

reference_url

https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-08T18:15:45Z/

url

https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/commonmarker/CVE-2024-22051.yml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/commonmarker/CVE-2024-22051.yml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-22051

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-22051

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2256887
reference_id	2256887
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2256887

fixed_packages

url	pkg:deb/debian/ruby-commonmarker@0.23.4-1?distro=trixie
purl	pkg:deb/debian/ruby-commonmarker@0.23.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-commonmarker@0.23.4-1%3Fdistro=trixie

url pkg:deb/debian/ruby-commonmarker@0.23.6-1?distro=trixie

purl pkg:deb/debian/ruby-commonmarker@0.23.6-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2an8-zxae-hffk

vulnerability	VCID-3hpr-vga4-kucr

vulnerability	VCID-cr2f-h3ds-m7bp

vulnerability	VCID-fjt6-mbum-gkdh

vulnerability	VCID-g272-pad7-t7bp

vulnerability	VCID-rfcv-sua7-uke4

vulnerability	VCID-u5p8-6fkp-byap

vulnerability	VCID-vapm-4zu8-d7ba

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-commonmarker@0.23.6-1%3Fdistro=trixie

url	pkg:deb/debian/ruby-commonmarker@0.23.10-1?distro=trixie
purl	pkg:deb/debian/ruby-commonmarker@0.23.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-commonmarker@0.23.10-1%3Fdistro=trixie

aliases CVE-2024-22051, GHSA-fmx4-26r3-wxpf, GMS-2022-240

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q8rv-ktdr-q7ep

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-commonmarker@0.23.4-1%3Fdistro=trixie

Package Instance