Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/cacti@1.1.17-1
Typealpm
Namespacearchlinux
Namecacti
Version1.1.17-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.1.28-1
Latest_non_vulnerable_version1.2.16-2
Affected_by_vulnerabilities
0
url VCID-q88b-smmh-77ga
vulnerability_id VCID-q88b-smmh-77ga
summary Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-16660
reference_id
reference_type
scores
0
value 0.01457
scoring_system epss
scoring_elements 0.80764
published_at 2026-04-01T12:55:00Z
1
value 0.01457
scoring_system epss
scoring_elements 0.80772
published_at 2026-04-02T12:55:00Z
2
value 0.01457
scoring_system epss
scoring_elements 0.80793
published_at 2026-04-04T12:55:00Z
3
value 0.01457
scoring_system epss
scoring_elements 0.8079
published_at 2026-04-07T12:55:00Z
4
value 0.01457
scoring_system epss
scoring_elements 0.80817
published_at 2026-04-08T12:55:00Z
5
value 0.01457
scoring_system epss
scoring_elements 0.80826
published_at 2026-04-09T12:55:00Z
6
value 0.02642
scoring_system epss
scoring_elements 0.85723
published_at 2026-04-11T12:55:00Z
7
value 0.02642
scoring_system epss
scoring_elements 0.8572
published_at 2026-04-12T12:55:00Z
8
value 0.02642
scoring_system epss
scoring_elements 0.85716
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-16660
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16660
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16660
2
reference_url https://github.com/Cacti/cacti/issues/1066
reference_id
reference_type
scores
url https://github.com/Cacti/cacti/issues/1066
3
reference_url https://security.archlinux.org/ASA-201712-2
reference_id ASA-201712-2
reference_type
scores
url https://security.archlinux.org/ASA-201712-2
4
reference_url https://security.archlinux.org/AVG-537
reference_id AVG-537
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-537
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-16660
reference_id CVE-2017-16660
reference_type
scores
0
value 9.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:C/I:C/A:C
1
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-16660
fixed_packages
0
url pkg:alpm/archlinux/cacti@1.1.28-1
purl pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1
aliases CVE-2017-16660
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q88b-smmh-77ga
1
url VCID-qbvv-frc2-rqbk
vulnerability_id VCID-qbvv-frc2-rqbk
summary lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-16641
reference_id
reference_type
scores
0
value 0.00465
scoring_system epss
scoring_elements 0.64294
published_at 2026-04-01T12:55:00Z
1
value 0.00465
scoring_system epss
scoring_elements 0.64351
published_at 2026-04-02T12:55:00Z
2
value 0.00465
scoring_system epss
scoring_elements 0.6438
published_at 2026-04-04T12:55:00Z
3
value 0.00465
scoring_system epss
scoring_elements 0.64339
published_at 2026-04-07T12:55:00Z
4
value 0.00465
scoring_system epss
scoring_elements 0.64387
published_at 2026-04-08T12:55:00Z
5
value 0.00465
scoring_system epss
scoring_elements 0.64402
published_at 2026-04-09T12:55:00Z
6
value 0.0126
scoring_system epss
scoring_elements 0.79432
published_at 2026-04-11T12:55:00Z
7
value 0.0126
scoring_system epss
scoring_elements 0.79415
published_at 2026-04-12T12:55:00Z
8
value 0.0126
scoring_system epss
scoring_elements 0.79404
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-16641
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16641
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16641
2
reference_url https://github.com/Cacti/cacti/issues/1057
reference_id
reference_type
scores
url https://github.com/Cacti/cacti/issues/1057
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881110
reference_id 881110
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881110
4
reference_url https://security.archlinux.org/ASA-201712-2
reference_id ASA-201712-2
reference_type
scores
url https://security.archlinux.org/ASA-201712-2
5
reference_url https://security.archlinux.org/AVG-537
reference_id AVG-537
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-537
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-16641
reference_id CVE-2017-16641
reference_type
scores
0
value 9.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:C/I:C/A:C
1
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-16641
fixed_packages
0
url pkg:alpm/archlinux/cacti@1.1.28-1
purl pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1
aliases CVE-2017-16641
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbvv-frc2-rqbk
2
url VCID-x1fg-6mq4-d7ds
vulnerability_id VCID-x1fg-6mq4-d7ds
summary Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-16661
reference_id
reference_type
scores
0
value 0.00112
scoring_system epss
scoring_elements 0.29806
published_at 2026-04-11T12:55:00Z
1
value 0.00112
scoring_system epss
scoring_elements 0.29711
published_at 2026-04-13T12:55:00Z
2
value 0.00112
scoring_system epss
scoring_elements 0.29761
published_at 2026-04-12T12:55:00Z
3
value 0.00181
scoring_system epss
scoring_elements 0.39665
published_at 2026-04-01T12:55:00Z
4
value 0.00181
scoring_system epss
scoring_elements 0.39812
published_at 2026-04-08T12:55:00Z
5
value 0.00181
scoring_system epss
scoring_elements 0.39827
published_at 2026-04-09T12:55:00Z
6
value 0.00181
scoring_system epss
scoring_elements 0.39757
published_at 2026-04-07T12:55:00Z
7
value 0.00181
scoring_system epss
scoring_elements 0.39814
published_at 2026-04-02T12:55:00Z
8
value 0.00181
scoring_system epss
scoring_elements 0.39837
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-16661
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16661
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16661
2
reference_url https://github.com/Cacti/cacti/issues/1066
reference_id
reference_type
scores
url https://github.com/Cacti/cacti/issues/1066
3
reference_url https://security.archlinux.org/ASA-201712-2
reference_id ASA-201712-2
reference_type
scores
url https://security.archlinux.org/ASA-201712-2
4
reference_url https://security.archlinux.org/AVG-537
reference_id AVG-537
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-537
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-16661
reference_id CVE-2017-16661
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-16661
fixed_packages
0
url pkg:alpm/archlinux/cacti@1.1.28-1
purl pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1
aliases CVE-2017-16661
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x1fg-6mq4-d7ds
3
url VCID-yjny-ubdp-7few
vulnerability_id VCID-yjny-ubdp-7few
summary Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-16785
reference_id
reference_type
scores
0
value 0.00182
scoring_system epss
scoring_elements 0.40045
published_at 2026-04-11T12:55:00Z
1
value 0.00182
scoring_system epss
scoring_elements 0.39988
published_at 2026-04-13T12:55:00Z
2
value 0.00182
scoring_system epss
scoring_elements 0.40008
published_at 2026-04-12T12:55:00Z
3
value 0.00196
scoring_system epss
scoring_elements 0.41485
published_at 2026-04-01T12:55:00Z
4
value 0.00196
scoring_system epss
scoring_elements 0.4158
published_at 2026-04-08T12:55:00Z
5
value 0.00196
scoring_system epss
scoring_elements 0.41589
published_at 2026-04-09T12:55:00Z
6
value 0.00196
scoring_system epss
scoring_elements 0.4153
published_at 2026-04-07T12:55:00Z
7
value 0.00196
scoring_system epss
scoring_elements 0.41574
published_at 2026-04-02T12:55:00Z
8
value 0.00196
scoring_system epss
scoring_elements 0.41603
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-16785
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16785
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16785
2
reference_url https://github.com/Cacti/cacti/issues/1071
reference_id
reference_type
scores
url https://github.com/Cacti/cacti/issues/1071
3
reference_url http://www.securitytracker.com/id/1039774
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039774
4
reference_url https://security.archlinux.org/ASA-201712-2
reference_id ASA-201712-2
reference_type
scores
url https://security.archlinux.org/ASA-201712-2
5
reference_url https://security.archlinux.org/AVG-537
reference_id AVG-537
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-537
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-16785
reference_id CVE-2017-16785
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-16785
fixed_packages
0
url pkg:alpm/archlinux/cacti@1.1.28-1
purl pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1
aliases CVE-2017-16785
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjny-ubdp-7few
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.17-1