Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/zlib@0?arch=ppc64le&distroversion=v3.21&reponame=main
Typeapk
Namespacealpine
Namezlib
Version0
Qualifiers
arch ppc64le
distroversion v3.21
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.2.11-r4
Latest_non_vulnerable_version1.3.2-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-fvf6-q2at-vfd3
vulnerability_id VCID-fvf6-q2at-vfd3
summary 
Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based buffer overflow.
A local attacker could exploit the problem during compression using a crafted malicious file potentially leading to denial of service of the software.
Patches: The issue has been patched in commit  8352d10 https://github.com/cloudflare/zlib/commit/8352d108c05db1bdc5ac3bdf834dad641694c13c . The upstream repository is not affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6992
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05533
published_at 2026-04-18T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05584
published_at 2026-04-12T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05577
published_at 2026-04-13T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05524
published_at 2026-04-16T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05526
published_at 2026-04-02T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05561
published_at 2026-04-04T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.0556
published_at 2026-04-07T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05598
published_at 2026-04-08T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05622
published_at 2026-04-09T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05594
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6992
1
reference_url https://github.com/cloudflare/zlib/security/advisories/GHSA-vww9-j87r-4cqh
reference_id GHSA-vww9-j87r-4cqh
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-12T16:53:31Z/
url https://github.com/cloudflare/zlib/security/advisories/GHSA-vww9-j87r-4cqh
2
reference_url https://github.com/cloudflare/zlib
reference_id zlib
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-12T16:53:31Z/
url https://github.com/cloudflare/zlib
fixed_packages
0
url pkg:apk/alpine/zlib@0?arch=ppc64le&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/zlib@0?arch=ppc64le&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zlib@0%3Farch=ppc64le&distroversion=v3.21&reponame=main
aliases CVE-2023-6992
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fvf6-q2at-vfd3
1
url VCID-v6pc-48dg-4kad
vulnerability_id VCID-v6pc-48dg-4kad
summary 
Integer Overflow or Wraparound
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45853.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45853.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45853
reference_id
reference_type
scores
0
value 0.01287
scoring_system epss
scoring_elements 0.79629
published_at 2026-04-13T12:55:00Z
1
value 0.01287
scoring_system epss
scoring_elements 0.79659
published_at 2026-04-18T12:55:00Z
2
value 0.01287
scoring_system epss
scoring_elements 0.79631
published_at 2026-04-09T12:55:00Z
3
value 0.01287
scoring_system epss
scoring_elements 0.79652
published_at 2026-04-11T12:55:00Z
4
value 0.01287
scoring_system epss
scoring_elements 0.79636
published_at 2026-04-12T12:55:00Z
5
value 0.01322
scoring_system epss
scoring_elements 0.79841
published_at 2026-04-02T12:55:00Z
6
value 0.01322
scoring_system epss
scoring_elements 0.79879
published_at 2026-04-08T12:55:00Z
7
value 0.01322
scoring_system epss
scoring_elements 0.7985
published_at 2026-04-07T12:55:00Z
8
value 0.01322
scoring_system epss
scoring_elements 0.79863
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45853
2
reference_url https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356
3
reference_url https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45853
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45853
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4
7
reference_url https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c
8
reference_url https://github.com/madler/zlib/pull/843
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url https://github.com/madler/zlib/pull/843
9
reference_url https://github.com/smihica/pyminizip
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/smihica/pyminizip
10
reference_url https://github.com/smihica/pyminizip/blob/master/zlib-1.2.11/contrib/minizip/zip.c
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/smihica/pyminizip/blob/master/zlib-1.2.11/contrib/minizip/zip.c
11
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-45853
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-45853
13
reference_url https://pypi.org/project/pyminizip/#history
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url https://pypi.org/project/pyminizip/#history
14
reference_url https://security.gentoo.org/glsa/202401-18
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url https://security.gentoo.org/glsa/202401-18
15
reference_url https://security.netapp.com/advisory/ntap-20231130-0009
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231130-0009
16
reference_url https://security.netapp.com/advisory/ntap-20231130-0009/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url https://security.netapp.com/advisory/ntap-20231130-0009/
17
reference_url https://www.winimage.com/zLibDll/minizip.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url https://www.winimage.com/zLibDll/minizip.html
18
reference_url http://www.openwall.com/lists/oss-security/2023/10/20/9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url http://www.openwall.com/lists/oss-security/2023/10/20/9
19
reference_url http://www.openwall.com/lists/oss-security/2024/01/24/10
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/
url http://www.openwall.com/lists/oss-security/2024/01/24/10
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054290
reference_id 1054290
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054290
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056718
reference_id 1056718
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056718
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2244556
reference_id 2244556
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2244556
23
reference_url https://security.archlinux.org/AVG-2847
reference_id AVG-2847
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2847
24
reference_url https://github.com/advisories/GHSA-mq29-j5xf-cjwr
reference_id GHSA-mq29-j5xf-cjwr
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mq29-j5xf-cjwr
25
reference_url https://access.redhat.com/errata/RHSA-2023:7626
reference_id RHSA-2023:7626
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7626
26
reference_url https://usn.ubuntu.com/7107-1/
reference_id USN-7107-1
reference_type
scores
url https://usn.ubuntu.com/7107-1/
fixed_packages
0
url pkg:apk/alpine/zlib@0?arch=ppc64le&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/zlib@0?arch=ppc64le&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zlib@0%3Farch=ppc64le&distroversion=v3.21&reponame=main
aliases CVE-2023-45853, GHSA-mq29-j5xf-cjwr
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v6pc-48dg-4kad
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/zlib@0%3Farch=ppc64le&distroversion=v3.21&reponame=main