Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/cairo@1.16.0-5

Type deb

Namespace debian

Name cairo

Version 1.16.0-5

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.18.4-1

Latest_non_vulnerable_version 1.18.4-1

Affected_by_vulnerabilities

url VCID-2x1s-k411-sygp

vulnerability_id VCID-2x1s-k411-sygp

summary Multiple vulnerabilities have been discovered in Cairo, the worst of which a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6462.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6462.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6462

reference_id

reference_type

scores

value	0.00051
scoring_system	epss
scoring_elements	0.15737
published_at	2026-04-01T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15683
published_at	2026-04-24T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15712
published_at	2026-04-12T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15647
published_at	2026-04-13T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15579
published_at	2026-04-16T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15588
published_at	2026-04-18T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15764
published_at	2026-04-02T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.1583
published_at	2026-04-04T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15634
published_at	2026-04-07T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15719
published_at	2026-04-08T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15779
published_at	2026-04-09T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15747
published_at	2026-04-11T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16273
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6462

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6462
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6462

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/TeamSeri0us/pocs/tree/master/gerbv
reference_id
reference_type
scores
url	https://github.com/TeamSeri0us/pocs/tree/master/gerbv

reference_url	https://gitlab.freedesktop.org/cairo/cairo/issues/353
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/cairo/cairo/issues/353

reference_url	https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1671399
reference_id	1671399
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1671399

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929945
reference_id	929945
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929945

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cairographics:cairo:1.16.0:::::::*
reference_id	cpe:2.3:a:cairographics:cairo:1.16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cairographics:cairo:1.16.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-6462

reference_id

CVE-2019-6462

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-6462

reference_url	https://security.gentoo.org/glsa/202408-09
reference_id	GLSA-202408-09
reference_type
scores
url	https://security.gentoo.org/glsa/202408-09

reference_url	https://usn.ubuntu.com/5407-1/
reference_id	USN-5407-1
reference_type
scores
url	https://usn.ubuntu.com/5407-1/

reference_url	https://usn.ubuntu.com/8140-1/
reference_id	USN-8140-1
reference_type
scores
url	https://usn.ubuntu.com/8140-1/

fixed_packages

url	pkg:deb/debian/cairo@1.18.4-1
purl	pkg:deb/debian/cairo@1.18.4-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cairo@1.18.4-1

aliases CVE-2019-6462

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2x1s-k411-sygp

url VCID-xjzg-rhgm-nudn

vulnerability_id VCID-xjzg-rhgm-nudn

summary Multiple vulnerabilities have been discovered in Cairo, the worst of which a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6461.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6461.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6461

reference_id

reference_type

scores

value	0.00053
scoring_system	epss
scoring_elements	0.16638
published_at	2026-04-01T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16556
published_at	2026-04-24T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16728
published_at	2026-04-12T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.1667
published_at	2026-04-13T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16607
published_at	2026-04-16T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16615
published_at	2026-04-18T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16811
published_at	2026-04-02T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16868
published_at	2026-04-04T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16653
published_at	2026-04-07T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16738
published_at	2026-04-08T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16792
published_at	2026-04-09T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16771
published_at	2026-04-11T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17124
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6461

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/TeamSeri0us/pocs/tree/master/gerbv
reference_id
reference_type
scores
url	https://github.com/TeamSeri0us/pocs/tree/master/gerbv

reference_url	https://gitlab.freedesktop.org/cairo/cairo/issues/352
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/cairo/cairo/issues/352

reference_url	https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1669629
reference_id	1669629
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1669629

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929944
reference_id	929944
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929944

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cairographics:cairo:1.16.0:::::::*
reference_id	cpe:2.3:a:cairographics:cairo:1.16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cairographics:cairo:1.16.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-6461

reference_id

CVE-2019-6461

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-6461

reference_url	https://security.gentoo.org/glsa/202408-09
reference_id	GLSA-202408-09
reference_type
scores
url	https://security.gentoo.org/glsa/202408-09

reference_url	https://usn.ubuntu.com/8140-1/
reference_id	USN-8140-1
reference_type
scores
url	https://usn.ubuntu.com/8140-1/

fixed_packages

url	pkg:deb/debian/cairo@1.18.4-1
purl	pkg:deb/debian/cairo@1.18.4-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cairo@1.18.4-1

aliases CVE-2019-6461

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xjzg-rhgm-nudn

Fixing_vulnerabilities

url VCID-rzf2-bp8j-27fq

vulnerability_id VCID-rzf2-bp8j-27fq

summary A buffer overflow vulnerability has been discovered in Cairo which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35492.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35492.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35492

reference_id

reference_type

scores

value	0.00098
scoring_system	epss
scoring_elements	0.26976
published_at	2026-04-01T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26746
published_at	2026-04-24T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26961
published_at	2026-04-11T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26917
published_at	2026-04-12T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.2686
published_at	2026-04-13T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26872
published_at	2026-04-16T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27016
published_at	2026-04-02T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27053
published_at	2026-04-04T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26843
published_at	2026-04-18T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26911
published_at	2026-04-08T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26957
published_at	2026-04-09T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28701
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35492

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1898396
reference_id	1898396
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1898396

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978658
reference_id	978658
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978658

reference_url

https://security.archlinux.org/AVG-1391

reference_id

AVG-1391

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1391

reference_url

https://security.archlinux.org/AVG-1392

reference_id

AVG-1392

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1392

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-35492
reference_id	CVE-2020-35492
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-35492

reference_url	https://security.gentoo.org/glsa/202305-21
reference_id	GLSA-202305-21
reference_type
scores
url	https://security.gentoo.org/glsa/202305-21

reference_url	https://access.redhat.com/errata/RHSA-2022:1961
reference_id	RHSA-2022:1961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1961

reference_url	https://usn.ubuntu.com/5407-1/
reference_id	USN-5407-1
reference_type
scores
url	https://usn.ubuntu.com/5407-1/

reference_url	https://usn.ubuntu.com/8140-1/
reference_id	USN-8140-1
reference_type
scores
url	https://usn.ubuntu.com/8140-1/

fixed_packages

url pkg:deb/debian/cairo@1.16.0-5

purl pkg:deb/debian/cairo@1.16.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2x1s-k411-sygp

vulnerability	VCID-xjzg-rhgm-nudn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cairo@1.16.0-5

aliases CVE-2020-35492

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rzf2-bp8j-27fq

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cairo@1.16.0-5

Package Instance