Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/phpmyadmin@4.8.4-r0?arch=armv7&distroversion=v3.19&reponame=community

Type apk

Namespace alpine

Name phpmyadmin

Version 4.8.4-r0

Qualifiers

arch	armv7
distroversion	v3.19
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.8.5-r0

Latest_non_vulnerable_version 5.1.2-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-986a-3m4g-83ge

vulnerability_id VCID-986a-3m4g-83ge

summary

Cross-Site Request Forgery (CSRF)
By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new `tables/routines`, deleting designer pages, `adding/deleting` users, updating user passwords, killing SQL processes.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19969

reference_id

reference_type

scores

value	0.00458
scoring_system	epss
scoring_elements	0.64024
published_at	2026-04-24T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63934
published_at	2026-04-07T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63984
published_at	2026-04-08T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64002
published_at	2026-04-09T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64014
published_at	2026-04-11T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64
published_at	2026-04-12T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.6397
published_at	2026-04-13T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64005
published_at	2026-04-16T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64017
published_at	2026-04-18T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64006
published_at	2026-04-21T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63888
published_at	2026-04-01T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63947
published_at	2026-04-02T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63974
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969

reference_url

https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175

reference_url	https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/
reference_id
reference_type
scores
url	https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/

reference_url

https://www.phpmyadmin.net/security/PMASA-2018-7

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2018-7

reference_url	https://www.phpmyadmin.net/security/PMASA-2018-7/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2018-7/

reference_url	http://www.securityfocus.com/bid/106175
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106175

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-19969

reference_id

CVE-2018-19969

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19969

reference_url

https://github.com/advisories/GHSA-xwf2-53mc-r8hx

reference_id

GHSA-xwf2-53mc-r8hx

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xwf2-53mc-r8hx

reference_url

https://security.gentoo.org/glsa/201904-16

reference_id

GLSA-201904-16

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/201904-16

fixed_packages

url	pkg:apk/alpine/phpmyadmin@4.8.4-r0?arch=armv7&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/phpmyadmin@4.8.4-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.8.4-r0%3Farch=armv7&distroversion=v3.19&reponame=community

aliases CVE-2018-19969, GHSA-xwf2-53mc-r8hx

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-986a-3m4g-83ge

url VCID-ebk2-vjau-57h9

vulnerability_id VCID-ebk2-vjau-57h9

summary

Information Exposure
An attacker can exploit phpMyAdm to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19968

reference_id

reference_type

scores

value	0.02543
scoring_system	epss
scoring_elements	0.85517
published_at	2026-04-24T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85397
published_at	2026-04-01T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85409
published_at	2026-04-02T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85429
published_at	2026-04-04T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85432
published_at	2026-04-07T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85453
published_at	2026-04-08T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85461
published_at	2026-04-09T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85475
published_at	2026-04-11T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85474
published_at	2026-04-12T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.8547
published_at	2026-04-13T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85494
published_at	2026-04-16T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85498
published_at	2026-04-18T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85495
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968

reference_url

https://github.com/phpmyadmin/composer

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/composer

reference_url

https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732

reference_url

https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html

reference_url

https://www.phpmyadmin.net/security/PMASA-2018-6

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2018-6

reference_url	https://www.phpmyadmin.net/security/PMASA-2018-6/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2018-6/

reference_url

http://www.securityfocus.com/bid/106178

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/106178

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-19968

reference_id

CVE-2018-19968

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19968

reference_url

https://github.com/advisories/GHSA-xc97-r49q-cxgc

reference_id

GHSA-xc97-r49q-cxgc

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xc97-r49q-cxgc

reference_url

https://security.gentoo.org/glsa/201904-16

reference_id

GLSA-201904-16

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/201904-16

reference_url	https://usn.ubuntu.com/4639-1/
reference_id	USN-4639-1
reference_type
scores
url	https://usn.ubuntu.com/4639-1/

reference_url	https://usn.ubuntu.com/USN-4843-1/
reference_id	USN-USN-4843-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4843-1/

fixed_packages

url	pkg:apk/alpine/phpmyadmin@4.8.4-r0?arch=armv7&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/phpmyadmin@4.8.4-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.8.4-r0%3Farch=armv7&distroversion=v3.19&reponame=community

aliases CVE-2018-19968, GHSA-xc97-r49q-cxgc

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebk2-vjau-57h9

url VCID-qcra-cu62-43he

vulnerability_id VCID-qcra-cu62-43he

summary

Cross-site Scripting
In phpMyAdm, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted `database/table` name.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19970

reference_id

reference_type

scores

value	0.01501
scoring_system	epss
scoring_elements	0.81198
published_at	2026-04-24T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81074
published_at	2026-04-01T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81083
published_at	2026-04-02T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81108
published_at	2026-04-04T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81107
published_at	2026-04-07T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81135
published_at	2026-04-08T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81141
published_at	2026-04-09T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81159
published_at	2026-04-11T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81146
published_at	2026-04-12T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81139
published_at	2026-04-13T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81176
published_at	2026-04-16T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81178
published_at	2026-04-18T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81175
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19970

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970

reference_url

https://github.com/phpmyadmin/composer

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/composer

reference_url

https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html

reference_url

https://www.phpmyadmin.net/security/PMASA-2018-8

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2018-8

reference_url	https://www.phpmyadmin.net/security/PMASA-2018-8/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2018-8/

reference_url

http://www.securityfocus.com/bid/106181

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/106181

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-19970

reference_id

CVE-2018-19970

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19970

reference_url

https://github.com/advisories/GHSA-8987-93fh-rcwq

reference_id

GHSA-8987-93fh-rcwq

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8987-93fh-rcwq

reference_url

https://security.gentoo.org/glsa/201904-16

reference_id

GLSA-201904-16

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/201904-16

reference_url	https://usn.ubuntu.com/4639-1/
reference_id	USN-4639-1
reference_type
scores
url	https://usn.ubuntu.com/4639-1/

reference_url	https://usn.ubuntu.com/USN-4843-1/
reference_id	USN-USN-4843-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4843-1/

fixed_packages

url	pkg:apk/alpine/phpmyadmin@4.8.4-r0?arch=armv7&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/phpmyadmin@4.8.4-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.8.4-r0%3Farch=armv7&distroversion=v3.19&reponame=community

aliases CVE-2018-19970, GHSA-8987-93fh-rcwq

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcra-cu62-43he

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.8.4-r0%3Farch=armv7&distroversion=v3.19&reponame=community

Package Instance