Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/netpbm@10.25-2.1.el4_7?arch=4

Type rpm

Namespace redhat

Name netpbm

Version 10.25-2.1.el4_7

Qualifiers

arch	4

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-egc9-qr22-n3bn

vulnerability_id

VCID-egc9-qr22-n3bn

summary

Multiple memory management errors in JasPer might lead to execution of
    arbitrary code via jpeg2k files.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3520.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3520.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3520

reference_id

reference_type

scores

value	0.02615
scoring_system	epss
scoring_elements	0.85981
published_at	2026-06-11T12:55:00Z

value	0.02615
scoring_system	epss
scoring_elements	0.86031
published_at	2026-06-12T12:55:00Z

value	0.02615
scoring_system	epss
scoring_elements	0.86042
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=461476
reference_id	461476
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=461476

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778
reference_id	559778
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://security.gentoo.org/glsa/200812-18
reference_id	GLSA-200812-18
reference_type
scores
url	https://security.gentoo.org/glsa/200812-18

reference_url	https://access.redhat.com/errata/RHSA-2009:0012
reference_id	RHSA-2009:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0012

reference_url	https://access.redhat.com/errata/RHSA-2015:0698
reference_id	RHSA-2015:0698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0698

reference_url	https://usn.ubuntu.com/1317-1/
reference_id	USN-1317-1
reference_type
scores
url	https://usn.ubuntu.com/1317-1/

reference_url	https://usn.ubuntu.com/742-1/
reference_id	USN-742-1
reference_type
scores
url	https://usn.ubuntu.com/742-1/

fixed_packages

aliases

CVE-2008-3520

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-egc9-qr22-n3bn

url

VCID-xuf6-d3jy-g7fy

vulnerability_id

VCID-xuf6-d3jy-g7fy

summary

The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2721.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2721.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-2721

reference_id

reference_type

scores

value	0.14345
scoring_system	epss
scoring_elements	0.94568
published_at	2026-06-11T12:55:00Z

value	0.14345
scoring_system	epss
scoring_elements	0.94586
published_at	2026-06-12T12:55:00Z

value	0.14345
scoring_system	epss
scoring_elements	0.94592
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-2721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=346501
reference_id	346501
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=346501

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447188
reference_id	447188
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447188

reference_url	https://access.redhat.com/errata/RHSA-2009:0012
reference_id	RHSA-2009:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0012

reference_url	https://usn.ubuntu.com/501-1/
reference_id	USN-501-1
reference_type
scores
url	https://usn.ubuntu.com/501-1/

reference_url	https://usn.ubuntu.com/501-2/
reference_id	USN-501-2
reference_type
scores
url	https://usn.ubuntu.com/501-2/

fixed_packages

aliases

CVE-2007-2721

risk_score

0.1

exploitability

0.5

weighted_severity

0.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-xuf6-d3jy-g7fy

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/netpbm@10.25-2.1.el4_7%3Farch=4

Package Instance