Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/shadow@4.2.1-r7?arch=aarch64&distroversion=v3.5&reponame=community

Type apk

Namespace alpine

Name shadow

Version 4.2.1-r7

Qualifiers

arch	aarch64
distroversion	v3.5
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-a5ny-vcsw-uqh1

vulnerability_id VCID-a5ny-vcsw-uqh1

summary

Multiple vulnerabilities have been found in Shadow, the worst of
    which might allow privilege escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2616.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2616.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-2616

reference_id

reference_type

scores

value	0.00062
scoring_system	epss
scoring_elements	0.19196
published_at	2026-04-18T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19295
published_at	2026-04-01T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19429
published_at	2026-04-02T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19477
published_at	2026-04-04T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19195
published_at	2026-04-07T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19273
published_at	2026-04-08T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19325
published_at	2026-04-09T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.1933
published_at	2026-04-11T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19282
published_at	2026-04-12T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19227
published_at	2026-04-13T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19187
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-2616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616

reference_url

http://www.securitytracker.com/id/1038271

reference_id

1038271

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/

url

http://www.securitytracker.com/id/1038271

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1418710
reference_id	1418710
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1418710

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855943
reference_id	855943
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855943

reference_url

http://www.securityfocus.com/bid/96404

reference_id

96404

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/

url

http://www.securityfocus.com/bid/96404

reference_url

https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891

reference_id

dffab154d29a288aa171ff50263ecc8f2e14a891

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/

url

https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891

reference_url

https://www.debian.org/security/2017/dsa-3793

reference_id

dsa-3793

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/

url

https://www.debian.org/security/2017/dsa-3793

reference_url

https://security.gentoo.org/glsa/201706-02

reference_id

GLSA-201706-02

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/

url

https://security.gentoo.org/glsa/201706-02

reference_url	https://access.redhat.com/errata/RHSA-2017:0654
reference_id	RHSA-2017:0654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0654

reference_url

http://rhn.redhat.com/errata/RHSA-2017-0654.html

reference_id

RHSA-2017-0654.html

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/

url

http://rhn.redhat.com/errata/RHSA-2017-0654.html

reference_url

https://access.redhat.com/errata/RHSA-2017:0907

reference_id

RHSA-2017:0907

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/

url

https://access.redhat.com/errata/RHSA-2017:0907

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616

reference_id

show_bug.cgi?id=CVE-2017-2616

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616

reference_url	https://usn.ubuntu.com/3276-1/
reference_id	USN-3276-1
reference_type
scores
url	https://usn.ubuntu.com/3276-1/

reference_url	https://usn.ubuntu.com/3276-3/
reference_id	USN-3276-3
reference_type
scores
url	https://usn.ubuntu.com/3276-3/

fixed_packages

url	pkg:apk/alpine/shadow@4.2.1-r7?arch=aarch64&distroversion=v3.5&reponame=community
purl	pkg:apk/alpine/shadow@4.2.1-r7?arch=aarch64&distroversion=v3.5&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/shadow@4.2.1-r7%3Farch=aarch64&distroversion=v3.5&reponame=community

aliases (+, CVE-2017-2616, fix), regression

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a5ny-vcsw-uqh1

url VCID-ueu4-n6bt-xfat

vulnerability_id VCID-ueu4-n6bt-xfat

summary

Multiple vulnerabilities have been found in Shadow, the worst of
    which might allow privilege escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6252.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6252.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6252

reference_id

reference_type

scores

value	0.00103
scoring_system	epss
scoring_elements	0.28229
published_at	2026-04-01T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.28142
published_at	2026-04-18T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.28148
published_at	2026-04-13T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.28161
published_at	2026-04-16T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.28299
published_at	2026-04-02T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.28343
published_at	2026-04-04T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.28134
published_at	2026-04-07T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.282
published_at	2026-04-08T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.28243
published_at	2026-04-09T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.28249
published_at	2026-04-11T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.28206
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6252

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1358625
reference_id	1358625
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1358625

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832170
reference_id	832170
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832170

reference_url	https://security.gentoo.org/glsa/201706-02
reference_id	GLSA-201706-02
reference_type
scores
url	https://security.gentoo.org/glsa/201706-02

reference_url	https://usn.ubuntu.com/3276-1/
reference_id	USN-3276-1
reference_type
scores
url	https://usn.ubuntu.com/3276-1/

fixed_packages

url	pkg:apk/alpine/shadow@4.2.1-r7?arch=aarch64&distroversion=v3.5&reponame=community
purl	pkg:apk/alpine/shadow@4.2.1-r7?arch=aarch64&distroversion=v3.5&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/shadow@4.2.1-r7%3Farch=aarch64&distroversion=v3.5&reponame=community

aliases CVE-2016-6252

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ueu4-n6bt-xfat

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/shadow@4.2.1-r7%3Farch=aarch64&distroversion=v3.5&reponame=community

Package Instance