Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/bzip2@1.0.6-1?distro=trixie

Type deb

Namespace debian

Name bzip2

Version 1.0.6-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.0.6-8.1

Latest_non_vulnerable_version 1.0.8-6

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-569v-spq6-dbhv

vulnerability_id VCID-569v-spq6-dbhv

summary The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4089.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4089.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4089

reference_id

reference_type

scores

value	0.00152
scoring_system	epss
scoring_elements	0.35722
published_at	2026-04-01T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.3592
published_at	2026-04-02T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.3595
published_at	2026-04-04T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35781
published_at	2026-04-07T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35831
published_at	2026-04-08T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35854
published_at	2026-04-09T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35861
published_at	2026-04-11T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.3582
published_at	2026-04-12T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35797
published_at	2026-04-13T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35836
published_at	2026-04-16T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35824
published_at	2026-04-18T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35775
published_at	2026-04-21T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35543
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4089

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862
reference_id	632862
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/18147.c
reference_id	CVE-2011-4089;OSVDB-77356
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/18147.c

reference_url	https://usn.ubuntu.com/1308-1/
reference_id	USN-1308-1
reference_type
scores
url	https://usn.ubuntu.com/1308-1/

fixed_packages

url	pkg:deb/debian/bzip2@1.0.6-1?distro=trixie
purl	pkg:deb/debian/bzip2@1.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bzip2@1.0.6-1%3Fdistro=trixie

url	pkg:deb/debian/bzip2@1.0.8-4?distro=trixie
purl	pkg:deb/debian/bzip2@1.0.8-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bzip2@1.0.8-4%3Fdistro=trixie

url	pkg:deb/debian/bzip2@1.0.8-5?distro=trixie
purl	pkg:deb/debian/bzip2@1.0.8-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bzip2@1.0.8-5%3Fdistro=trixie

url	pkg:deb/debian/bzip2@1.0.8-6?distro=trixie
purl	pkg:deb/debian/bzip2@1.0.8-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bzip2@1.0.8-6%3Fdistro=trixie

aliases CVE-2011-4089

risk_score null

exploitability 2.0

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-569v-spq6-dbhv

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bzip2@1.0.6-1%3Fdistro=trixie

Package Instance