Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nginx/nginx@0.8.21?os=windows

Type nginx

Namespace

Name nginx

Version 0.8.21

Qualifiers

os	windows

Subpath

Is_vulnerable true

Next_non_vulnerable_version 0.8.41

Latest_non_vulnerable_version 1.3.1

Affected_by_vulnerabilities

url VCID-s17r-s5bb-jbdh

vulnerability_id VCID-s17r-s5bb-jbdh

summary Vulnerabilities with Windows 8.3 filename pseudonyms

references

fixed_packages

url pkg:nginx/nginx@0.8.33?os=windows

purl pkg:nginx/nginx@0.8.33?os=windows

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-tx6d-uxzp-cuc4

vulnerability	VCID-w5q8-zw8t-t3he

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.33%3Fos=windows

aliases CORE-2010-0121

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s17r-s5bb-jbdh

url VCID-tx6d-uxzp-cuc4

vulnerability_id VCID-tx6d-uxzp-cuc4

summary nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2266

reference_id

reference_type

scores

value	0.07262
scoring_system	epss
scoring_elements	0.91753
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2266

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2010-2266
reference_id	CVE-2010-2266
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2010-2266

fixed_packages

url	pkg:nginx/nginx@0.8.41?os=windows
purl	pkg:nginx/nginx@0.8.41?os=windows
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.41%3Fos=windows

aliases CVE-2010-2266

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tx6d-uxzp-cuc4

url VCID-w5q8-zw8t-t3he

vulnerability_id VCID-w5q8-zw8t-t3he

summary nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2263

reference_id

reference_type

scores

value	0.44217
scoring_system	epss
scoring_elements	0.97609
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2263

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2010-2263
reference_id	CVE-2010-2263
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2010-2263

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt
reference_id	CVE-2010-2263;OSVDB-65531
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt
reference_id	CVE-2010-2266;CVE-2010-2263;OSVDB-65531;OSVDB-65530
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt

fixed_packages

url pkg:nginx/nginx@0.8.40?os=windows

purl pkg:nginx/nginx@0.8.40?os=windows

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-tx6d-uxzp-cuc4

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.40%3Fos=windows

aliases CVE-2010-2263

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w5q8-zw8t-t3he

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.21%3Fos=windows

Package Instance