Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/xpdf@4.01.01-1
Typealpm
Namespacearchlinux
Namexpdf
Version4.01.01-1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4.02-1
Latest_non_vulnerable_version4.04-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-bpmu-gg3s-buh5
vulnerability_id VCID-bpmu-gg3s-buh5
summary A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7173
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35098
published_at 2026-04-24T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.35333
published_at 2026-04-21T12:55:00Z
2
value 0.00148
scoring_system epss
scoring_elements 0.35234
published_at 2026-04-01T12:55:00Z
3
value 0.00148
scoring_system epss
scoring_elements 0.35435
published_at 2026-04-02T12:55:00Z
4
value 0.00148
scoring_system epss
scoring_elements 0.35459
published_at 2026-04-04T12:55:00Z
5
value 0.00148
scoring_system epss
scoring_elements 0.35343
published_at 2026-04-07T12:55:00Z
6
value 0.00148
scoring_system epss
scoring_elements 0.35389
published_at 2026-04-08T12:55:00Z
7
value 0.00148
scoring_system epss
scoring_elements 0.35414
published_at 2026-04-09T12:55:00Z
8
value 0.00148
scoring_system epss
scoring_elements 0.35416
published_at 2026-04-11T12:55:00Z
9
value 0.00148
scoring_system epss
scoring_elements 0.35379
published_at 2026-04-12T12:55:00Z
10
value 0.00148
scoring_system epss
scoring_elements 0.35357
published_at 2026-04-13T12:55:00Z
11
value 0.00148
scoring_system epss
scoring_elements 0.35396
published_at 2026-04-16T12:55:00Z
12
value 0.00148
scoring_system epss
scoring_elements 0.35385
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7173
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7173
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7173
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/AVG-640
reference_id AVG-640
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-640
fixed_packages
0
url pkg:alpm/archlinux/xpdf@4.01.01-1
purl pkg:alpm/archlinux/xpdf@4.01.01-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/xpdf@4.01.01-1
aliases CVE-2018-7173
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bpmu-gg3s-buh5
1
url VCID-dgeq-w49g-eydx
vulnerability_id VCID-dgeq-w49g-eydx
summary A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7452
reference_id
reference_type
scores
0
value 0.00137
scoring_system epss
scoring_elements 0.33339
published_at 2026-04-24T12:55:00Z
1
value 0.00137
scoring_system epss
scoring_elements 0.33499
published_at 2026-04-21T12:55:00Z
2
value 0.00137
scoring_system epss
scoring_elements 0.33487
published_at 2026-04-01T12:55:00Z
3
value 0.00137
scoring_system epss
scoring_elements 0.33642
published_at 2026-04-02T12:55:00Z
4
value 0.00137
scoring_system epss
scoring_elements 0.33675
published_at 2026-04-04T12:55:00Z
5
value 0.00137
scoring_system epss
scoring_elements 0.33514
published_at 2026-04-07T12:55:00Z
6
value 0.00137
scoring_system epss
scoring_elements 0.33558
published_at 2026-04-08T12:55:00Z
7
value 0.00137
scoring_system epss
scoring_elements 0.33592
published_at 2026-04-09T12:55:00Z
8
value 0.00137
scoring_system epss
scoring_elements 0.33587
published_at 2026-04-11T12:55:00Z
9
value 0.00137
scoring_system epss
scoring_elements 0.33545
published_at 2026-04-12T12:55:00Z
10
value 0.00137
scoring_system epss
scoring_elements 0.33521
published_at 2026-04-13T12:55:00Z
11
value 0.00137
scoring_system epss
scoring_elements 0.33556
published_at 2026-04-16T12:55:00Z
12
value 0.00137
scoring_system epss
scoring_elements 0.33532
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7452
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7452
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/AVG-640
reference_id AVG-640
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-640
fixed_packages
0
url pkg:alpm/archlinux/xpdf@4.01.01-1
purl pkg:alpm/archlinux/xpdf@4.01.01-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/xpdf@4.01.01-1
aliases CVE-2018-7452
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgeq-w49g-eydx
2
url VCID-eyyu-rn4g-p3gf
vulnerability_id VCID-eyyu-rn4g-p3gf
summary An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7455
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35098
published_at 2026-04-24T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.35234
published_at 2026-04-01T12:55:00Z
2
value 0.00148
scoring_system epss
scoring_elements 0.35435
published_at 2026-04-02T12:55:00Z
3
value 0.00148
scoring_system epss
scoring_elements 0.35459
published_at 2026-04-04T12:55:00Z
4
value 0.00148
scoring_system epss
scoring_elements 0.35343
published_at 2026-04-07T12:55:00Z
5
value 0.00148
scoring_system epss
scoring_elements 0.35389
published_at 2026-04-08T12:55:00Z
6
value 0.00148
scoring_system epss
scoring_elements 0.35414
published_at 2026-04-09T12:55:00Z
7
value 0.00148
scoring_system epss
scoring_elements 0.35416
published_at 2026-04-11T12:55:00Z
8
value 0.00148
scoring_system epss
scoring_elements 0.35379
published_at 2026-04-12T12:55:00Z
9
value 0.00148
scoring_system epss
scoring_elements 0.35357
published_at 2026-04-13T12:55:00Z
10
value 0.00148
scoring_system epss
scoring_elements 0.35396
published_at 2026-04-16T12:55:00Z
11
value 0.00148
scoring_system epss
scoring_elements 0.35385
published_at 2026-04-18T12:55:00Z
12
value 0.00148
scoring_system epss
scoring_elements 0.35333
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7455
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7455
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7455
2
reference_url https://security.archlinux.org/AVG-640
reference_id AVG-640
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-640
fixed_packages
0
url pkg:alpm/archlinux/xpdf@4.01.01-1
purl pkg:alpm/archlinux/xpdf@4.01.01-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/xpdf@4.01.01-1
aliases CVE-2018-7455
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eyyu-rn4g-p3gf
3
url VCID-fzqk-draz-2kad
vulnerability_id VCID-fzqk-draz-2kad
summary An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7174
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.39029
published_at 2026-04-24T12:55:00Z
1
value 0.00177
scoring_system epss
scoring_elements 0.39244
published_at 2026-04-21T12:55:00Z
2
value 0.00177
scoring_system epss
scoring_elements 0.39157
published_at 2026-04-01T12:55:00Z
3
value 0.00177
scoring_system epss
scoring_elements 0.39344
published_at 2026-04-02T12:55:00Z
4
value 0.00177
scoring_system epss
scoring_elements 0.39367
published_at 2026-04-04T12:55:00Z
5
value 0.00177
scoring_system epss
scoring_elements 0.39281
published_at 2026-04-07T12:55:00Z
6
value 0.00177
scoring_system epss
scoring_elements 0.39336
published_at 2026-04-08T12:55:00Z
7
value 0.00177
scoring_system epss
scoring_elements 0.39353
published_at 2026-04-09T12:55:00Z
8
value 0.00177
scoring_system epss
scoring_elements 0.39365
published_at 2026-04-11T12:55:00Z
9
value 0.00177
scoring_system epss
scoring_elements 0.39325
published_at 2026-04-12T12:55:00Z
10
value 0.00177
scoring_system epss
scoring_elements 0.39307
published_at 2026-04-13T12:55:00Z
11
value 0.00177
scoring_system epss
scoring_elements 0.39359
published_at 2026-04-16T12:55:00Z
12
value 0.00177
scoring_system epss
scoring_elements 0.39331
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7174
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7174
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7174
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/AVG-640
reference_id AVG-640
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-640
fixed_packages
0
url pkg:alpm/archlinux/xpdf@4.01.01-1
purl pkg:alpm/archlinux/xpdf@4.01.01-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/xpdf@4.01.01-1
aliases CVE-2018-7174
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fzqk-draz-2kad
4
url VCID-vtzx-euz7-vygu
vulnerability_id VCID-vtzx-euz7-vygu
summary Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7453
reference_id
reference_type
scores
0
value 0.00444
scoring_system epss
scoring_elements 0.63418
published_at 2026-04-24T12:55:00Z
1
value 0.00444
scoring_system epss
scoring_elements 0.634
published_at 2026-04-21T12:55:00Z
2
value 0.00444
scoring_system epss
scoring_elements 0.63292
published_at 2026-04-01T12:55:00Z
3
value 0.00444
scoring_system epss
scoring_elements 0.63352
published_at 2026-04-02T12:55:00Z
4
value 0.00444
scoring_system epss
scoring_elements 0.6338
published_at 2026-04-04T12:55:00Z
5
value 0.00444
scoring_system epss
scoring_elements 0.63346
published_at 2026-04-07T12:55:00Z
6
value 0.00444
scoring_system epss
scoring_elements 0.63397
published_at 2026-04-08T12:55:00Z
7
value 0.00444
scoring_system epss
scoring_elements 0.63415
published_at 2026-04-12T12:55:00Z
8
value 0.00444
scoring_system epss
scoring_elements 0.63432
published_at 2026-04-11T12:55:00Z
9
value 0.00444
scoring_system epss
scoring_elements 0.63379
published_at 2026-04-13T12:55:00Z
10
value 0.00444
scoring_system epss
scoring_elements 0.63414
published_at 2026-04-16T12:55:00Z
11
value 0.00444
scoring_system epss
scoring_elements 0.63422
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7453
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7453
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7453
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/AVG-640
reference_id AVG-640
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-640
4
reference_url https://security.gentoo.org/glsa/202409-25
reference_id GLSA-202409-25
reference_type
scores
url https://security.gentoo.org/glsa/202409-25
fixed_packages
0
url pkg:alpm/archlinux/xpdf@4.01.01-1
purl pkg:alpm/archlinux/xpdf@4.01.01-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/xpdf@4.01.01-1
aliases CVE-2018-7453
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtzx-euz7-vygu
5
url VCID-yguc-b2n2-3bha
vulnerability_id VCID-yguc-b2n2-3bha
summary An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7175
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.39029
published_at 2026-04-24T12:55:00Z
1
value 0.00177
scoring_system epss
scoring_elements 0.39244
published_at 2026-04-21T12:55:00Z
2
value 0.00177
scoring_system epss
scoring_elements 0.39157
published_at 2026-04-01T12:55:00Z
3
value 0.00177
scoring_system epss
scoring_elements 0.39344
published_at 2026-04-02T12:55:00Z
4
value 0.00177
scoring_system epss
scoring_elements 0.39367
published_at 2026-04-04T12:55:00Z
5
value 0.00177
scoring_system epss
scoring_elements 0.39281
published_at 2026-04-07T12:55:00Z
6
value 0.00177
scoring_system epss
scoring_elements 0.39336
published_at 2026-04-08T12:55:00Z
7
value 0.00177
scoring_system epss
scoring_elements 0.39353
published_at 2026-04-09T12:55:00Z
8
value 0.00177
scoring_system epss
scoring_elements 0.39365
published_at 2026-04-11T12:55:00Z
9
value 0.00177
scoring_system epss
scoring_elements 0.39325
published_at 2026-04-12T12:55:00Z
10
value 0.00177
scoring_system epss
scoring_elements 0.39307
published_at 2026-04-13T12:55:00Z
11
value 0.00177
scoring_system epss
scoring_elements 0.39359
published_at 2026-04-16T12:55:00Z
12
value 0.00177
scoring_system epss
scoring_elements 0.39331
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7175
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7175
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7175
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/AVG-640
reference_id AVG-640
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-640
fixed_packages
0
url pkg:alpm/archlinux/xpdf@4.01.01-1
purl pkg:alpm/archlinux/xpdf@4.01.01-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/xpdf@4.01.01-1
aliases CVE-2018-7175
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yguc-b2n2-3bha
6
url VCID-z7g1-26q1-sbfs
vulnerability_id VCID-z7g1-26q1-sbfs
summary A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7454
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35098
published_at 2026-04-24T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.35333
published_at 2026-04-21T12:55:00Z
2
value 0.00148
scoring_system epss
scoring_elements 0.35234
published_at 2026-04-01T12:55:00Z
3
value 0.00148
scoring_system epss
scoring_elements 0.35435
published_at 2026-04-02T12:55:00Z
4
value 0.00148
scoring_system epss
scoring_elements 0.35459
published_at 2026-04-04T12:55:00Z
5
value 0.00148
scoring_system epss
scoring_elements 0.35343
published_at 2026-04-07T12:55:00Z
6
value 0.00148
scoring_system epss
scoring_elements 0.35389
published_at 2026-04-08T12:55:00Z
7
value 0.00148
scoring_system epss
scoring_elements 0.35414
published_at 2026-04-09T12:55:00Z
8
value 0.00148
scoring_system epss
scoring_elements 0.35416
published_at 2026-04-11T12:55:00Z
9
value 0.00148
scoring_system epss
scoring_elements 0.35379
published_at 2026-04-12T12:55:00Z
10
value 0.00148
scoring_system epss
scoring_elements 0.35357
published_at 2026-04-13T12:55:00Z
11
value 0.00148
scoring_system epss
scoring_elements 0.35396
published_at 2026-04-16T12:55:00Z
12
value 0.00148
scoring_system epss
scoring_elements 0.35385
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7454
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7454
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7454
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/AVG-640
reference_id AVG-640
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-640
fixed_packages
0
url pkg:alpm/archlinux/xpdf@4.01.01-1
purl pkg:alpm/archlinux/xpdf@4.01.01-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/xpdf@4.01.01-1
aliases CVE-2018-7454
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z7g1-26q1-sbfs
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/xpdf@4.01.01-1