Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/fetchmail@6.4.16-4%2Bdeb11u1

Type deb

Namespace debian

Name fetchmail

Version 6.4.16-4+deb11u1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 6.6.3-2

Latest_non_vulnerable_version 6.6.3-2

Affected_by_vulnerabilities

url VCID-9jz6-rpya-pugm

vulnerability_id VCID-9jz6-rpya-pugm

summary fetchmail: Fetchmail denial of service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61962.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61962.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-61962

reference_id

reference_type

scores

value	0.00056
scoring_system	epss
scoring_elements	0.17688
published_at	2026-04-02T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17421
published_at	2026-04-24T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17605
published_at	2026-04-09T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17622
published_at	2026-04-11T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17576
published_at	2026-04-12T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17524
published_at	2026-04-13T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17468
published_at	2026-04-16T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17476
published_at	2026-04-18T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17511
published_at	2026-04-21T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17734
published_at	2026-04-04T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17455
published_at	2026-04-07T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17546
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-61962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61962

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117136
reference_id	1117136
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117136

reference_url

https://www.openwall.com/lists/oss-security/2025/10/03/2

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T14:20:46Z/

url

https://www.openwall.com/lists/oss-security/2025/10/03/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2401405
reference_id	2401405
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2401405

reference_url

https://gitlab.com/fetchmail/fetchmail/-/commit/4c3cebfa4e659fb778ca2cae0ccb3f69201609a8

reference_id

4c3cebfa4e659fb778ca2cae0ccb3f69201609a8

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T14:20:46Z/

url

https://gitlab.com/fetchmail/fetchmail/-/commit/4c3cebfa4e659fb778ca2cae0ccb3f69201609a8

reference_url

https://www.fetchmail.info/fetchmail-SA-2025-01.txt

reference_id

fetchmail-SA-2025-01.txt

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T14:20:46Z/

url

https://www.fetchmail.info/fetchmail-SA-2025-01.txt

reference_url	https://usn.ubuntu.com/7838-1/
reference_id	USN-7838-1
reference_type
scores
url	https://usn.ubuntu.com/7838-1/

fixed_packages

url	pkg:deb/debian/fetchmail@6.6.2-3
purl	pkg:deb/debian/fetchmail@6.6.2-3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/fetchmail@6.6.2-3

url	pkg:deb/debian/fetchmail@6.6.3-1
purl	pkg:deb/debian/fetchmail@6.6.3-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/fetchmail@6.6.3-1

url	pkg:deb/debian/fetchmail@6.6.3-2
purl	pkg:deb/debian/fetchmail@6.6.3-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/fetchmail@6.6.3-2

aliases CVE-2025-61962

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9jz6-rpya-pugm

url VCID-qdy8-1c8c-jbcs

vulnerability_id VCID-qdy8-1c8c-jbcs

summary Multiple vulnerabilities have been discovered in Fetchmail, the worst of which could result in email disclosure to third parties.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39272.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39272.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-39272

reference_id

reference_type

scores

value	0.00182
scoring_system	epss
scoring_elements	0.39879
published_at	2026-04-01T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39764
published_at	2026-04-24T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40045
published_at	2026-04-16T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39937
published_at	2026-04-21T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40027
published_at	2026-04-08T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40053
published_at	2026-04-04T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39974
published_at	2026-04-07T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40041
published_at	2026-04-09T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40052
published_at	2026-04-11T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40015
published_at	2026-04-18T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39995
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-39272

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39272
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39272

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1999190
reference_id	1999190
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1999190

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993163
reference_id	993163
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993163

reference_url

https://security.archlinux.org/AVG-2326

reference_id

AVG-2326

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2326

reference_url	https://security.gentoo.org/glsa/202209-14
reference_id	GLSA-202209-14
reference_type
scores
url	https://security.gentoo.org/glsa/202209-14

reference_url	https://access.redhat.com/errata/RHSA-2022:1964
reference_id	RHSA-2022:1964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1964

fixed_packages

url pkg:deb/debian/fetchmail@6.4.37-1

purl pkg:deb/debian/fetchmail@6.4.37-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9jz6-rpya-pugm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/fetchmail@6.4.37-1

aliases CVE-2021-39272

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdy8-1c8c-jbcs

Fixing_vulnerabilities

url VCID-97ss-zfpr-y3ay

vulnerability_id VCID-97ss-zfpr-y3ay

summary Multiple vulnerabilities have been discovered in Fetchmail, the worst of which could result in email disclosure to third parties.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36386.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36386.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-36386

reference_id

reference_type

scores

value	0.0026
scoring_system	epss
scoring_elements	0.49302
published_at	2026-04-01T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49356
published_at	2026-04-24T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49399
published_at	2026-04-18T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.4937
published_at	2026-04-21T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49332
published_at	2026-04-02T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49359
published_at	2026-04-04T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49313
published_at	2026-04-07T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49367
published_at	2026-04-08T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49363
published_at	2026-04-09T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49382
published_at	2026-04-11T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49354
published_at	2026-04-12T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49357
published_at	2026-04-13T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49403
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-36386

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36386
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36386

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1987766
reference_id	1987766
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1987766

reference_url

https://security.archlinux.org/AVG-2238

reference_id

AVG-2238

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2238

reference_url	https://security.gentoo.org/glsa/202209-14
reference_id	GLSA-202209-14
reference_type
scores
url	https://security.gentoo.org/glsa/202209-14

reference_url	https://access.redhat.com/errata/RHSA-2022:1964
reference_id	RHSA-2022:1964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1964

fixed_packages

url pkg:deb/debian/fetchmail@6.4.16-4%2Bdeb11u1

purl pkg:deb/debian/fetchmail@6.4.16-4%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9jz6-rpya-pugm

vulnerability	VCID-qdy8-1c8c-jbcs

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/fetchmail@6.4.16-4%252Bdeb11u1

aliases CVE-2021-36386

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-97ss-zfpr-y3ay

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/fetchmail@6.4.16-4%252Bdeb11u1

Package Instance