Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/JQ.NET@1.0.1

Type nuget

Namespace

Name JQ.NET

Version 1.0.1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-c4mu-phy2-sudx

vulnerability_id

VCID-c4mu-phy2-sudx

summary

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4074.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4074.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4074

reference_id

reference_type

scores

value	0.0148
scoring_system	epss
scoring_elements	0.81401
published_at	2026-06-11T12:55:00Z

value	0.0148
scoring_system	epss
scoring_elements	0.81461
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4074

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4074
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4074

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/hashicorp/consul/issues/10263
reference_id
reference_type
scores
url	https://github.com/hashicorp/consul/issues/10263

reference_url	https://github.com/NixOS/nixpkgs/pull/18908
reference_id
reference_type
scores
url	https://github.com/NixOS/nixpkgs/pull/18908

reference_url	https://github.com/stedolan/jq/
reference_id
reference_type
scores
url	https://github.com/stedolan/jq/

reference_url	https://github.com/stedolan/jq/issues/1136
reference_id
reference_type
scores
url	https://github.com/stedolan/jq/issues/1136

reference_url	http://www.openwall.com/lists/oss-security/2016/04/24/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/04/24/3

reference_url	http://www.openwall.com/lists/oss-security/2016/04/24/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/04/24/4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1329982
reference_id	1329982
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1329982

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822456
reference_id	822456
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822456

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2016-4074
reference_id	CVE-2016-4074
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2016-4074

reference_url	https://usn.ubuntu.com/USN-4787-1/
reference_id	USN-USN-4787-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4787-1/

fixed_packages

aliases

CVE-2016-4074

risk_score

0.7

exploitability

0.5

weighted_severity

1.3

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-c4mu-phy2-sudx

url

VCID-fq9t-9934-e7e3

vulnerability_id

VCID-fq9t-9934-e7e3

summary

A buffer overflow in jq might allow remote attackers to execute
    arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00012.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00014.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00014.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1098.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1098.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1099.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1099.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1106.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1106.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8863.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8863.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8863

reference_id

reference_type

scores

value	0.10165
scoring_system	epss
scoring_elements	0.9328
published_at	2026-06-11T12:55:00Z

value	0.10165
scoring_system	epss
scoring_elements	0.93302
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8863

reference_url	https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd
reference_id
reference_type
scores
url	https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd

reference_url	https://github.com/stedolan/jq/issues/995
reference_id
reference_type
scores
url	https://github.com/stedolan/jq/issues/995

reference_url	http://www.openwall.com/lists/oss-security/2016/04/23/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/04/23/1

reference_url	http://www.openwall.com/lists/oss-security/2016/04/23/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/04/23/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1328747
reference_id	1328747
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1328747

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802231
reference_id	802231
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802231

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2015-8863
reference_id	CVE-2015-8863
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2015-8863

reference_url	https://security.gentoo.org/glsa/201612-20
reference_id	GLSA-201612-20
reference_type
scores
url	https://security.gentoo.org/glsa/201612-20

reference_url	https://access.redhat.com/errata/RHSA-2016:1098
reference_id	RHSA-2016:1098
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1098

reference_url	https://access.redhat.com/errata/RHSA-2016:1099
reference_id	RHSA-2016:1099
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1099

reference_url	https://access.redhat.com/errata/RHSA-2016:1106
reference_id	RHSA-2016:1106
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1106

fixed_packages

aliases

CVE-2015-8863

risk_score

0.1

exploitability

0.5

weighted_severity

0.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-fq9t-9934-e7e3

Fixing_vulnerabilities

Risk_score 0.7

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/JQ.NET@1.0.1

Package Instance