Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/pdns@3.3.1-3~bpo70%2B1
Typedeb
Namespacedebian
Namepdns
Version3.3.1-3~bpo70+1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.1.6-3+deb10u1
Latest_non_vulnerable_version4.1.6-3+deb10u1
Affected_by_vulnerabilities
0
url VCID-gfwm-fnp9-d7e1
vulnerability_id VCID-gfwm-fnp9-d7e1
summary PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5426
reference_id
reference_type
scores
0
value 0.3697
scoring_system epss
scoring_elements 0.97243
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5426
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5426
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5426
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5427
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5427
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6172
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6172
fixed_packages
0
url pkg:deb/debian/pdns@3.4.1-4%2Bdeb8u8
purl pkg:deb/debian/pdns@3.4.1-4%2Bdeb8u8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n8kr-mt65-13gj
1
vulnerability VCID-qg7g-sudd-hue1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@3.4.1-4%252Bdeb8u8
aliases CVE-2016-5426
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfwm-fnp9-d7e1
1
url VCID-hp38-vkna-xbbf
vulnerability_id VCID-hp38-vkna-xbbf
summary An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone under their control then sending a DNS query for that record. The issue is due to an integer overflow when checking if the content of the record matches the expected size, allowing an attacker to cause a read past the buffer boundary.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2120
reference_id
reference_type
scores
0
value 0.00131
scoring_system epss
scoring_elements 0.32125
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2120
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2120
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2120
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7068
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7072
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7072
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7073
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7074
6
reference_url https://security.archlinux.org/ASA-201701-29
reference_id ASA-201701-29
reference_type
scores
url https://security.archlinux.org/ASA-201701-29
7
reference_url https://security.archlinux.org/AVG-147
reference_id AVG-147
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-147
fixed_packages
0
url pkg:deb/debian/pdns@3.4.1-4%2Bdeb8u8
purl pkg:deb/debian/pdns@3.4.1-4%2Bdeb8u8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n8kr-mt65-13gj
1
vulnerability VCID-qg7g-sudd-hue1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@3.4.1-4%252Bdeb8u8
aliases CVE-2016-2120
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hp38-vkna-xbbf
2
url VCID-n5n2-xvth-uqd5
vulnerability_id VCID-n5n2-xvth-uqd5
summary PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5427
reference_id
reference_type
scores
0
value 0.85547
scoring_system epss
scoring_elements 0.99385
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5427
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5426
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5426
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5427
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5427
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6172
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6172
fixed_packages
0
url pkg:deb/debian/pdns@3.4.1-4%2Bdeb8u8
purl pkg:deb/debian/pdns@3.4.1-4%2Bdeb8u8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n8kr-mt65-13gj
1
vulnerability VCID-qg7g-sudd-hue1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@3.4.1-4%252Bdeb8u8
aliases CVE-2016-5427
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n5n2-xvth-uqd5
3
url VCID-n8kr-mt65-13gj
vulnerability_id VCID-n8kr-mt65-13gj
summary insufficient validation
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3871
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07747
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3871
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3871
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3871
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924966
reference_id 924966
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924966
3
reference_url https://security.archlinux.org/ASA-201903-13
reference_id ASA-201903-13
reference_type
scores
url https://security.archlinux.org/ASA-201903-13
4
reference_url https://security.archlinux.org/AVG-927
reference_id AVG-927
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-927
fixed_packages
0
url pkg:deb/debian/pdns@4.0.3-1%2Bdeb9u5
purl pkg:deb/debian/pdns@4.0.3-1%2Bdeb9u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n8kr-mt65-13gj
1
vulnerability VCID-qg7g-sudd-hue1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.0.3-1%252Bdeb9u5
1
url pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1
purl pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1
aliases CVE-2019-3871
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n8kr-mt65-13gj
4
url VCID-pn7j-7cbx-wbhj
vulnerability_id VCID-pn7j-7cbx-wbhj
summary PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6172
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05384
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6172
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5426
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5426
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5427
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5427
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6172
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6172
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830808
reference_id 830808
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830808
fixed_packages
0
url pkg:deb/debian/pdns@3.4.1-4%2Bdeb8u8
purl pkg:deb/debian/pdns@3.4.1-4%2Bdeb8u8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n8kr-mt65-13gj
1
vulnerability VCID-qg7g-sudd-hue1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@3.4.1-4%252Bdeb8u8
aliases CVE-2016-6172
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pn7j-7cbx-wbhj
5
url VCID-qg7g-sudd-hue1
vulnerability_id VCID-qg7g-sudd-hue1
summary arbitrary code execution
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1046
reference_id
reference_type
scores
0
value 3e-05
scoring_system epss
scoring_elements 0.00072
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1046
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1046
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1046
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898255
reference_id 898255
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898255
3
reference_url https://security.archlinux.org/ASA-201805-1
reference_id ASA-201805-1
reference_type
scores
url https://security.archlinux.org/ASA-201805-1
4
reference_url https://security.archlinux.org/AVG-686
reference_id AVG-686
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-686
fixed_packages
0
url pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1
purl pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1
aliases CVE-2018-1046
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qg7g-sudd-hue1
6
url VCID-tmg6-gqrq-2uc9
vulnerability_id VCID-tmg6-gqrq-2uc9
summary The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3 and Authoritative (Auth) Server before 3.3.3 and 3.4.x before 3.4.5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a long name that refers to itself. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1868.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5470
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00478
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5470
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5470
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5470
fixed_packages
0
url pkg:deb/debian/pdns@3.4.1-4%2Bdeb8u8
purl pkg:deb/debian/pdns@3.4.1-4%2Bdeb8u8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n8kr-mt65-13gj
1
vulnerability VCID-qg7g-sudd-hue1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@3.4.1-4%252Bdeb8u8
aliases CVE-2015-5470
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tmg6-gqrq-2uc9
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@3.3.1-3~bpo70%252B1