Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/vino@2.16.0-5
Typedeb
Namespacedebian
Namevino
Version2.16.0-5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.22.0-6
Latest_non_vulnerable_version3.22.0-6
Affected_by_vulnerabilities
0
url VCID-3m91-rw1t-5bh8
vulnerability_id VCID-3m91-rw1t-5bh8
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7225.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7225.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7225
reference_id
reference_type
scores
0
value 0.03304
scoring_system epss
scoring_elements 0.87461
published_at 2026-06-04T12:55:00Z
1
value 0.03304
scoring_system epss
scoring_elements 0.87483
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7225
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7225
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1546858
reference_id 1546858
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1546858
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894045
reference_id 894045
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894045
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
reference_id 945784
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
7
reference_url https://security.archlinux.org/AVG-628
reference_id AVG-628
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-628
8
reference_url https://security.gentoo.org/glsa/201908-05
reference_id GLSA-201908-05
reference_type
scores
url https://security.gentoo.org/glsa/201908-05
9
reference_url https://access.redhat.com/errata/RHSA-2018:1055
reference_id RHSA-2018:1055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1055
10
reference_url https://usn.ubuntu.com/3618-1/
reference_id USN-3618-1
reference_type
scores
url https://usn.ubuntu.com/3618-1/
11
reference_url https://usn.ubuntu.com/4547-1/
reference_id USN-4547-1
reference_type
scores
url https://usn.ubuntu.com/4547-1/
12
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
13
reference_url https://usn.ubuntu.com/4587-1/
reference_id USN-4587-1
reference_type
scores
url https://usn.ubuntu.com/4587-1/
fixed_packages
0
url pkg:deb/debian/vino@3.22.0-6
purl pkg:deb/debian/vino@3.22.0-6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vino@3.22.0-6
aliases CVE-2018-7225
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3m91-rw1t-5bh8
1
url VCID-78gh-2kxj-cygt
vulnerability_id VCID-78gh-2kxj-cygt
summary The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0904.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0904.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0904
reference_id
reference_type
scores
0
value 0.00685
scoring_system epss
scoring_elements 0.72073
published_at 2026-06-04T12:55:00Z
1
value 0.00685
scoring_system epss
scoring_elements 0.72114
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0904
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0904
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=694455
reference_id 694455
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=694455
4
reference_url https://security.gentoo.org/glsa/201412-09
reference_id GLSA-201412-09
reference_type
scores
url https://security.gentoo.org/glsa/201412-09
5
reference_url https://access.redhat.com/errata/RHSA-2013:0169
reference_id RHSA-2013:0169
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0169
6
reference_url https://usn.ubuntu.com/1128-1/
reference_id USN-1128-1
reference_type
scores
url https://usn.ubuntu.com/1128-1/
fixed_packages
0
url pkg:deb/debian/vino@3.4.2-1
purl pkg:deb/debian/vino@3.4.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3m91-rw1t-5bh8
1
vulnerability VCID-n7ve-shr4-fuef
2
vulnerability VCID-nvvv-3nfy-43gf
3
vulnerability VCID-s6t6-y6h1-wfdd
4
vulnerability VCID-ykkk-3xmt-d7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vino@3.4.2-1
aliases CVE-2011-0904
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-78gh-2kxj-cygt
2
url VCID-n7ve-shr4-fuef
vulnerability_id VCID-n7ve-shr4-fuef
summary The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6053.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6053.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-6053
reference_id
reference_type
scores
0
value 0.36865
scoring_system epss
scoring_elements 0.97236
published_at 2026-06-04T12:55:00Z
1
value 0.36865
scoring_system epss
scoring_elements 0.97239
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-6053
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1144289
reference_id 1144289
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1144289
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745
reference_id 762745
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
reference_id 945784
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
10
reference_url https://security.gentoo.org/glsa/201507-07
reference_id GLSA-201507-07
reference_type
scores
url https://security.gentoo.org/glsa/201507-07
11
reference_url https://access.redhat.com/errata/RHSA-2014:1826
reference_id RHSA-2014:1826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1826
12
reference_url https://access.redhat.com/errata/RHSA-2014:1827
reference_id RHSA-2014:1827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1827
13
reference_url https://usn.ubuntu.com/2365-1/
reference_id USN-2365-1
reference_type
scores
url https://usn.ubuntu.com/2365-1/
14
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
15
reference_url https://usn.ubuntu.com/4587-1/
reference_id USN-4587-1
reference_type
scores
url https://usn.ubuntu.com/4587-1/
fixed_packages
0
url pkg:deb/debian/vino@3.22.0-6
purl pkg:deb/debian/vino@3.22.0-6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vino@3.22.0-6
aliases CVE-2014-6053
risk_score 0.1
exploitability 0.5
weighted_severity 0.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n7ve-shr4-fuef
3
url VCID-nvvv-3nfy-43gf
vulnerability_id VCID-nvvv-3nfy-43gf
summary Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4429.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4429.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-4429
reference_id
reference_type
scores
0
value 0.00608
scoring_system epss
scoring_elements 0.70083
published_at 2026-06-04T12:55:00Z
1
value 0.00608
scoring_system epss
scoring_elements 0.70124
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-4429
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4429
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4429
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687596
reference_id 687596
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687596
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=857250
reference_id 857250
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=857250
5
reference_url https://access.redhat.com/errata/RHSA-2013:0169
reference_id RHSA-2013:0169
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0169
6
reference_url https://usn.ubuntu.com/1701-1/
reference_id USN-1701-1
reference_type
scores
url https://usn.ubuntu.com/1701-1/
fixed_packages
0
url pkg:deb/debian/vino@3.14.0-2
purl pkg:deb/debian/vino@3.14.0-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3m91-rw1t-5bh8
1
vulnerability VCID-n7ve-shr4-fuef
2
vulnerability VCID-ykkk-3xmt-d7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vino@3.14.0-2
aliases CVE-2012-4429
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nvvv-3nfy-43gf
4
url VCID-rtxf-8hvb-s7f8
vulnerability_id VCID-rtxf-8hvb-s7f8
summary The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0905.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0905.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0905
reference_id
reference_type
scores
0
value 0.01211
scoring_system epss
scoring_elements 0.79319
published_at 2026-06-04T12:55:00Z
1
value 0.01211
scoring_system epss
scoring_elements 0.79345
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0905
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0905
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=694456
reference_id 694456
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=694456
4
reference_url https://security.gentoo.org/glsa/201412-09
reference_id GLSA-201412-09
reference_type
scores
url https://security.gentoo.org/glsa/201412-09
5
reference_url https://access.redhat.com/errata/RHSA-2013:0169
reference_id RHSA-2013:0169
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0169
6
reference_url https://usn.ubuntu.com/1128-1/
reference_id USN-1128-1
reference_type
scores
url https://usn.ubuntu.com/1128-1/
fixed_packages
0
url pkg:deb/debian/vino@3.4.2-1
purl pkg:deb/debian/vino@3.4.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3m91-rw1t-5bh8
1
vulnerability VCID-n7ve-shr4-fuef
2
vulnerability VCID-nvvv-3nfy-43gf
3
vulnerability VCID-s6t6-y6h1-wfdd
4
vulnerability VCID-ykkk-3xmt-d7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vino@3.4.2-1
aliases CVE-2011-0905
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rtxf-8hvb-s7f8
5
url VCID-s6t6-y6h1-wfdd
vulnerability_id VCID-s6t6-y6h1-wfdd
summary The vino_server_client_data_pending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial of service (infinite loop, CPU and disk consumption) via multiple crafted requests during authentication.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5745.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5745.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-5745
reference_id
reference_type
scores
0
value 0.18726
scoring_system epss
scoring_elements 0.95408
published_at 2026-06-04T12:55:00Z
1
value 0.18726
scoring_system epss
scoring_elements 0.95416
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-5745
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724545
reference_id 724545
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724545
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=910082
reference_id 910082
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=910082
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/28338.txt
reference_id CVE-2013-5745;OSVDB-97419
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/28338.txt
6
reference_url https://access.redhat.com/errata/RHSA-2013:1452
reference_id RHSA-2013:1452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1452
7
reference_url https://usn.ubuntu.com/1980-1/
reference_id USN-1980-1
reference_type
scores
url https://usn.ubuntu.com/1980-1/
fixed_packages
0
url pkg:deb/debian/vino@3.14.0-2
purl pkg:deb/debian/vino@3.14.0-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3m91-rw1t-5bh8
1
vulnerability VCID-n7ve-shr4-fuef
2
vulnerability VCID-ykkk-3xmt-d7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vino@3.14.0-2
aliases CVE-2013-5745
risk_score 0.4
exploitability 2.0
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s6t6-y6h1-wfdd
6
url VCID-ykkk-3xmt-d7g7
vulnerability_id VCID-ykkk-3xmt-d7g7
summary LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15681.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15681.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15681
reference_id
reference_type
scores
0
value 0.0937
scoring_system epss
scoring_elements 0.9293
published_at 2026-06-04T12:55:00Z
1
value 0.0937
scoring_system epss
scoring_elements 0.92941
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15681
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15681
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1854761
reference_id 1854761
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1854761
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943793
reference_id 943793
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943793
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
reference_id 945784
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
7
reference_url https://usn.ubuntu.com/4407-1/
reference_id USN-4407-1
reference_type
scores
url https://usn.ubuntu.com/4407-1/
8
reference_url https://usn.ubuntu.com/4547-1/
reference_id USN-4547-1
reference_type
scores
url https://usn.ubuntu.com/4547-1/
9
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
10
reference_url https://usn.ubuntu.com/4587-1/
reference_id USN-4587-1
reference_type
scores
url https://usn.ubuntu.com/4587-1/
fixed_packages
0
url pkg:deb/debian/vino@3.22.0-6
purl pkg:deb/debian/vino@3.22.0-6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vino@3.22.0-6
aliases CVE-2019-15681
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ykkk-3xmt-d7g7
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/vino@2.16.0-5