Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/expat@1.1-1
Typedeb
Namespacedebian
Nameexpat
Version1.1-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.2.10-2+deb11u5
Latest_non_vulnerable_version2.2.10-2+deb11u5
Affected_by_vulnerabilities
0
url VCID-7t2y-ppma-aqe1
vulnerability_id VCID-7t2y-ppma-aqe1
summary 
Security researcher Gustavo Grieco reported a potential out-of-bounds
read parsing malformed XML data during character conversion. This is due to a bug in the
Expat library, which is used in Firefox. This could allow an attacker to read other
inaccessible memory.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
reference_id CVE-2016-0718
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-68
reference_id mfsa2016-68
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-68
fixed_packages
0
url pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
purl pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7t2y-ppma-aqe1
1
vulnerability VCID-cvna-73ya-gbg5
2
vulnerability VCID-ea8u-5x5j-dkch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.1.0-6%252Bdeb8u4
1
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cvna-73ya-gbg5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
aliases CVE-2016-0718
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7t2y-ppma-aqe1
1
url VCID-cvna-73ya-gbg5
vulnerability_id VCID-cvna-73ya-gbg5
summary In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early. A subsequent call to XML_GetCurrentLineNumber or XML_GetCurrentColumnNumber then resulted in a heap-based buffer over-read.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
9
reference_url https://security.archlinux.org/ASA-201910-15
reference_id ASA-201910-15
reference_type
scores
url https://security.archlinux.org/ASA-201910-15
10
reference_url https://security.archlinux.org/ASA-201910-16
reference_id ASA-201910-16
reference_type
scores
url https://security.archlinux.org/ASA-201910-16
11
reference_url https://security.archlinux.org/ASA-201910-17
reference_id ASA-201910-17
reference_type
scores
url https://security.archlinux.org/ASA-201910-17
12
reference_url https://security.archlinux.org/AVG-1053
reference_id AVG-1053
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1053
13
reference_url https://security.archlinux.org/AVG-1054
reference_id AVG-1054
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1054
14
reference_url https://security.archlinux.org/AVG-1055
reference_id AVG-1055
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1055
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
reference_id mfsa2019-33
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
reference_id mfsa2019-34
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
17
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
reference_id mfsa2019-35
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
fixed_packages
0
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cvna-73ya-gbg5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
1
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cvna-73ya-gbg5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
2
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2019-15903
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cvna-73ya-gbg5
2
url VCID-ea8u-5x5j-dkch
vulnerability_id VCID-ea8u-5x5j-dkch
summary An integer overflow during the parsing of XML using the Expat library.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063
1
reference_url https://security.archlinux.org/ASA-201611-16
reference_id ASA-201611-16
reference_type
scores
url https://security.archlinux.org/ASA-201611-16
2
reference_url https://security.archlinux.org/AVG-72
reference_id AVG-72
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-72
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
fixed_packages
0
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cvna-73ya-gbg5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
aliases CVE-2016-9063
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ea8u-5x5j-dkch
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@1.1-1