Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/gnupg2@2.0.9-3.1%2Blenny1
Typedeb
Namespacedebian
Namegnupg2
Version2.0.9-3.1+lenny1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.2.12-1+deb10u2
Latest_non_vulnerable_version2.2.12-1+deb10u2
Affected_by_vulnerabilities
0
url VCID-duvy-9hux-k3hk
vulnerability_id VCID-duvy-9hux-k3hk
summary The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4617.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4617.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4617
reference_id
reference_type
scores
0
value 0.08032
scoring_system epss
scoring_elements 0.92261
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4617
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1112509
reference_id 1112509
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1112509
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752498
reference_id 752498
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752498
5
reference_url https://security.gentoo.org/glsa/201407-04
reference_id GLSA-201407-04
reference_type
scores
url https://security.gentoo.org/glsa/201407-04
fixed_packages
0
url pkg:deb/debian/gnupg2@2.0.19-2%2Bdeb7u2
purl pkg:deb/debian/gnupg2@2.0.19-2%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hw3t-m6fe-pyeh
1
vulnerability VCID-mnnc-a893-6kae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.19-2%252Bdeb7u2
aliases CVE-2014-4617
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-duvy-9hux-k3hk
1
url VCID-hw3t-m6fe-pyeh
vulnerability_id VCID-hw3t-m6fe-pyeh
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34903.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34903.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-34903
reference_id
reference_type
scores
0
value 0.015
scoring_system epss
scoring_elements 0.81468
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-34903
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014157
reference_id 1014157
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014157
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2102868
reference_id 2102868
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2102868
5
reference_url https://security.archlinux.org/AVG-2776
reference_id AVG-2776
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2776
6
reference_url https://security.gentoo.org/glsa/202408-23
reference_id GLSA-202408-23
reference_type
scores
url https://security.gentoo.org/glsa/202408-23
7
reference_url https://access.redhat.com/errata/RHSA-2022:6463
reference_id RHSA-2022:6463
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6463
8
reference_url https://access.redhat.com/errata/RHSA-2022:6602
reference_id RHSA-2022:6602
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6602
fixed_packages
0
url pkg:deb/debian/gnupg2@2.2.12-1%2Bdeb10u2
purl pkg:deb/debian/gnupg2@2.2.12-1%2Bdeb10u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.12-1%252Bdeb10u2
aliases CVE-2022-34903
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hw3t-m6fe-pyeh
2
url VCID-mnnc-a893-6kae
vulnerability_id VCID-mnnc-a893-6kae
summary content spoofing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12020.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12020.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12020
reference_id
reference_type
scores
0
value 0.01725
scoring_system epss
scoring_elements 0.82768
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12020
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1589620
reference_id 1589620
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1589620
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901088
reference_id 901088
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901088
5
reference_url https://security.archlinux.org/ASA-201806-8
reference_id ASA-201806-8
reference_type
scores
url https://security.archlinux.org/ASA-201806-8
6
reference_url https://security.archlinux.org/AVG-713
reference_id AVG-713
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-713
7
reference_url https://access.redhat.com/errata/RHSA-2018:2180
reference_id RHSA-2018:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2180
8
reference_url https://access.redhat.com/errata/RHSA-2018:2181
reference_id RHSA-2018:2181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2181
fixed_packages
0
url pkg:deb/debian/gnupg2@2.0.26-6%2Bdeb8u2
purl pkg:deb/debian/gnupg2@2.0.26-6%2Bdeb8u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hw3t-m6fe-pyeh
1
vulnerability VCID-mnnc-a893-6kae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.26-6%252Bdeb8u2
1
url pkg:deb/debian/gnupg2@2.1.18-8~deb9u4
purl pkg:deb/debian/gnupg2@2.1.18-8~deb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hw3t-m6fe-pyeh
1
vulnerability VCID-mnnc-a893-6kae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.1.18-8~deb9u4
2
url pkg:deb/debian/gnupg2@2.2.12-1
purl pkg:deb/debian/gnupg2@2.2.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hw3t-m6fe-pyeh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.12-1
aliases CVE-2018-12020
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mnnc-a893-6kae
3
url VCID-x22z-pzw2-gbfa
vulnerability_id VCID-x22z-pzw2-gbfa
summary GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4351.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4351.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4351
reference_id
reference_type
scores
0
value 0.01303
scoring_system epss
scoring_elements 0.80096
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4351
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1010137
reference_id 1010137
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1010137
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=722724
reference_id 722724
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=722724
6
reference_url https://security.gentoo.org/glsa/201402-24
reference_id GLSA-201402-24
reference_type
scores
url https://security.gentoo.org/glsa/201402-24
7
reference_url https://access.redhat.com/errata/RHSA-2013:1458
reference_id RHSA-2013:1458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1458
8
reference_url https://access.redhat.com/errata/RHSA-2013:1459
reference_id RHSA-2013:1459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1459
fixed_packages
0
url pkg:deb/debian/gnupg2@2.0.19-2%2Bdeb7u2
purl pkg:deb/debian/gnupg2@2.0.19-2%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hw3t-m6fe-pyeh
1
vulnerability VCID-mnnc-a893-6kae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.19-2%252Bdeb7u2
aliases CVE-2013-4351
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x22z-pzw2-gbfa
4
url VCID-zf6a-prab-wkbs
vulnerability_id VCID-zf6a-prab-wkbs
summary The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4402.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4402.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4402
reference_id
reference_type
scores
0
value 0.04702
scoring_system epss
scoring_elements 0.89546
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4402
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1015685
reference_id 1015685
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1015685
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433
reference_id 725433
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433
6
reference_url https://security.gentoo.org/glsa/201402-24
reference_id GLSA-201402-24
reference_type
scores
url https://security.gentoo.org/glsa/201402-24
7
reference_url https://access.redhat.com/errata/RHSA-2013:1458
reference_id RHSA-2013:1458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1458
8
reference_url https://access.redhat.com/errata/RHSA-2013:1459
reference_id RHSA-2013:1459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1459
fixed_packages
0
url pkg:deb/debian/gnupg2@2.0.19-2%2Bdeb7u2
purl pkg:deb/debian/gnupg2@2.0.19-2%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hw3t-m6fe-pyeh
1
vulnerability VCID-mnnc-a893-6kae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.19-2%252Bdeb7u2
aliases CVE-2013-4402
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zf6a-prab-wkbs
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.9-3.1%252Blenny1