Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/go@1.24.4-r0?arch=x86_64&distroversion=v3.23&reponame=community
Typeapk
Namespacealpine
Namego
Version1.24.4-r0
Qualifiers
arch x86_64
distroversion v3.23
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.24.5-r0
Latest_non_vulnerable_version1.25.9-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-7ym3-nkc7-93dw
vulnerability_id VCID-7ym3-nkc7-93dw
summary net/http: Sensitive headers not cleared on cross-origin redirect in net/http
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4673.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4673.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-4673
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05503
published_at 2026-04-02T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05537
published_at 2026-04-04T12:55:00Z
2
value 0.00074
scoring_system epss
scoring_elements 0.22425
published_at 2026-04-21T12:55:00Z
3
value 0.00074
scoring_system epss
scoring_elements 0.22405
published_at 2026-04-07T12:55:00Z
4
value 0.00074
scoring_system epss
scoring_elements 0.22486
published_at 2026-04-08T12:55:00Z
5
value 0.00074
scoring_system epss
scoring_elements 0.22541
published_at 2026-04-09T12:55:00Z
6
value 0.00074
scoring_system epss
scoring_elements 0.22559
published_at 2026-04-11T12:55:00Z
7
value 0.00074
scoring_system epss
scoring_elements 0.22518
published_at 2026-04-12T12:55:00Z
8
value 0.00074
scoring_system epss
scoring_elements 0.22463
published_at 2026-04-13T12:55:00Z
9
value 0.00074
scoring_system epss
scoring_elements 0.22478
published_at 2026-04-16T12:55:00Z
10
value 0.00074
scoring_system epss
scoring_elements 0.22475
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-4673
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4673
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4673
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107364
reference_id 1107364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107364
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373305
reference_id 2373305
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373305
6
reference_url https://go.dev/cl/679257
reference_id 679257
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:59:02Z/
url https://go.dev/cl/679257
7
reference_url https://go.dev/issue/73816
reference_id 73816
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:59:02Z/
url https://go.dev/issue/73816
8
reference_url https://security.archlinux.org/ASA-202506-4
reference_id ASA-202506-4
reference_type
scores
url https://security.archlinux.org/ASA-202506-4
9
reference_url https://security.archlinux.org/AVG-2896
reference_id AVG-2896
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2896
10
reference_url https://pkg.go.dev/vuln/GO-2025-3751
reference_id GO-2025-3751
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:59:02Z/
url https://pkg.go.dev/vuln/GO-2025-3751
11
reference_url https://access.redhat.com/errata/RHSA-2025:10672
reference_id RHSA-2025:10672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10672
12
reference_url https://access.redhat.com/errata/RHSA-2025:10676
reference_id RHSA-2025:10676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10676
13
reference_url https://access.redhat.com/errata/RHSA-2025:10677
reference_id RHSA-2025:10677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10677
14
reference_url https://access.redhat.com/errata/RHSA-2025:10735
reference_id RHSA-2025:10735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10735
15
reference_url https://access.redhat.com/errata/RHSA-2025:10823
reference_id RHSA-2025:10823
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10823
16
reference_url https://access.redhat.com/errata/RHSA-2025:15406
reference_id RHSA-2025:15406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15406
17
reference_url https://access.redhat.com/errata/RHSA-2025:15887
reference_id RHSA-2025:15887
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15887
18
reference_url https://access.redhat.com/errata/RHSA-2025:16432
reference_id RHSA-2025:16432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16432
19
reference_url https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A
reference_id ufZ8WpEsA3A
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:59:02Z/
url https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A
20
reference_url https://usn.ubuntu.com/7574-1/
reference_id USN-7574-1
reference_type
scores
url https://usn.ubuntu.com/7574-1/
fixed_packages
0
url pkg:apk/alpine/go@1.24.4-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/go@1.24.4-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.4-r0%3Farch=x86_64&distroversion=v3.23&reponame=community
aliases CVE-2025-4673
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ym3-nkc7-93dw
1
url VCID-jsz8-cdt5-27f6
vulnerability_id VCID-jsz8-cdt5-27f6
summary crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22874.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22874.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-22874
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06899
published_at 2026-04-02T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06949
published_at 2026-04-04T12:55:00Z
2
value 0.00076
scoring_system epss
scoring_elements 0.22701
published_at 2026-04-21T12:55:00Z
3
value 0.00076
scoring_system epss
scoring_elements 0.22676
published_at 2026-04-07T12:55:00Z
4
value 0.00076
scoring_system epss
scoring_elements 0.22752
published_at 2026-04-08T12:55:00Z
5
value 0.00076
scoring_system epss
scoring_elements 0.22803
published_at 2026-04-09T12:55:00Z
6
value 0.00076
scoring_system epss
scoring_elements 0.22825
published_at 2026-04-11T12:55:00Z
7
value 0.00076
scoring_system epss
scoring_elements 0.22787
published_at 2026-04-12T12:55:00Z
8
value 0.00076
scoring_system epss
scoring_elements 0.22731
published_at 2026-04-13T12:55:00Z
9
value 0.00076
scoring_system epss
scoring_elements 0.22747
published_at 2026-04-16T12:55:00Z
10
value 0.00076
scoring_system epss
scoring_elements 0.22742
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-22874
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107364
reference_id 1107364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107364
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2372320
reference_id 2372320
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2372320
5
reference_url https://go.dev/cl/670375
reference_id 670375
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/
url https://go.dev/cl/670375
6
reference_url https://go.dev/issue/73612
reference_id 73612
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/
url https://go.dev/issue/73612
7
reference_url https://security.archlinux.org/ASA-202506-4
reference_id ASA-202506-4
reference_type
scores
url https://security.archlinux.org/ASA-202506-4
8
reference_url https://security.archlinux.org/AVG-2896
reference_id AVG-2896
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2896
9
reference_url https://pkg.go.dev/vuln/GO-2025-3749
reference_id GO-2025-3749
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/
url https://pkg.go.dev/vuln/GO-2025-3749
10
reference_url https://access.redhat.com/errata/RHSA-2025:10676
reference_id RHSA-2025:10676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10676
11
reference_url https://access.redhat.com/errata/RHSA-2025:10677
reference_id RHSA-2025:10677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10677
12
reference_url https://access.redhat.com/errata/RHSA-2025:13931
reference_id RHSA-2025:13931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13931
13
reference_url https://access.redhat.com/errata/RHSA-2025:13932
reference_id RHSA-2025:13932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13932
14
reference_url https://access.redhat.com/errata/RHSA-2025:14470
reference_id RHSA-2025:14470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14470
15
reference_url https://access.redhat.com/errata/RHSA-2025:14472
reference_id RHSA-2025:14472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14472
16
reference_url https://access.redhat.com/errata/RHSA-2025:14473
reference_id RHSA-2025:14473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14473
17
reference_url https://access.redhat.com/errata/RHSA-2025:14476
reference_id RHSA-2025:14476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14476
18
reference_url https://access.redhat.com/errata/RHSA-2025:14479
reference_id RHSA-2025:14479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14479
19
reference_url https://access.redhat.com/errata/RHSA-2025:14481
reference_id RHSA-2025:14481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14481
20
reference_url https://access.redhat.com/errata/RHSA-2025:14484
reference_id RHSA-2025:14484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14484
21
reference_url https://access.redhat.com/errata/RHSA-2025:17043
reference_id RHSA-2025:17043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17043
22
reference_url https://access.redhat.com/errata/RHSA-2025:17730
reference_id RHSA-2025:17730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17730
23
reference_url https://access.redhat.com/errata/RHSA-2025:17731
reference_id RHSA-2025:17731
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17731
24
reference_url https://access.redhat.com/errata/RHSA-2025:19003
reference_id RHSA-2025:19003
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19003
25
reference_url https://access.redhat.com/errata/RHSA-2025:19890
reference_id RHSA-2025:19890
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19890
26
reference_url https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A
reference_id ufZ8WpEsA3A
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/
url https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A
fixed_packages
0
url pkg:apk/alpine/go@1.24.4-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/go@1.24.4-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.4-r0%3Farch=x86_64&distroversion=v3.23&reponame=community
aliases CVE-2025-22874
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jsz8-cdt5-27f6
2
url VCID-xjm1-yec3-mkc6
vulnerability_id VCID-xjm1-yec3-mkc6
summary os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-0913
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03051
published_at 2026-04-04T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03037
published_at 2026-04-02T12:55:00Z
2
value 0.0004
scoring_system epss
scoring_elements 0.12094
published_at 2026-04-21T12:55:00Z
3
value 0.0004
scoring_system epss
scoring_elements 0.12035
published_at 2026-04-07T12:55:00Z
4
value 0.0004
scoring_system epss
scoring_elements 0.12117
published_at 2026-04-08T12:55:00Z
5
value 0.0004
scoring_system epss
scoring_elements 0.12169
published_at 2026-04-09T12:55:00Z
6
value 0.0004
scoring_system epss
scoring_elements 0.12176
published_at 2026-04-11T12:55:00Z
7
value 0.0004
scoring_system epss
scoring_elements 0.1214
published_at 2026-04-12T12:55:00Z
8
value 0.0004
scoring_system epss
scoring_elements 0.12108
published_at 2026-04-13T12:55:00Z
9
value 0.0004
scoring_system epss
scoring_elements 0.11979
published_at 2026-04-16T12:55:00Z
10
value 0.0004
scoring_system epss
scoring_elements 0.11975
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-0913
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://go.dev/cl/672396
reference_id 672396
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/
url https://go.dev/cl/672396
3
reference_url https://go.dev/issue/73702
reference_id 73702
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/
url https://go.dev/issue/73702
4
reference_url https://pkg.go.dev/vuln/GO-2025-3750
reference_id GO-2025-3750
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/
url https://pkg.go.dev/vuln/GO-2025-3750
5
reference_url https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A
reference_id ufZ8WpEsA3A
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/
url https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A
fixed_packages
0
url pkg:apk/alpine/go@1.24.4-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/go@1.24.4-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.4-r0%3Farch=x86_64&distroversion=v3.23&reponame=community
aliases CVE-2025-0913
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xjm1-yec3-mkc6
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.4-r0%3Farch=x86_64&distroversion=v3.23&reponame=community