Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/ffmpeg@7:7.0.2-1?distro=trixie

Type deb

Namespace debian

Name ffmpeg

Version 7:7.0.2-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 7:7.1-3

Latest_non_vulnerable_version 7:8.1-3

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-fqzc-ggz9-gbd5

vulnerability_id VCID-fqzc-ggz9-gbd5

summary A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0.2 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-273651.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-7055

reference_id

reference_type

scores

value	0.00122
scoring_system	epss
scoring_elements	0.31462
published_at	2026-04-02T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31312
published_at	2026-04-21T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31341
published_at	2026-04-18T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31361
published_at	2026-04-16T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31328
published_at	2026-04-13T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31367
published_at	2026-04-12T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.3141
published_at	2026-04-11T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31407
published_at	2026-04-09T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31376
published_at	2026-04-08T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31322
published_at	2026-04-07T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31504
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-7055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7055

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://vuldb.com/?ctiid.273651

reference_id

?ctiid.273651

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/

url

https://vuldb.com/?ctiid.273651

reference_url

https://ffmpeg.org/download.html

reference_id

download.html

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/

url

https://ffmpeg.org/download.html

reference_url

https://ffmpeg.org/

reference_id

ffmpeg.org

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/

url

https://ffmpeg.org/

reference_url

https://vuldb.com/?id.273651

reference_id

?id.273651

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/

url

https://vuldb.com/?id.273651

reference_url

https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc3

reference_id

poc3

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/

url

https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc3

reference_url

https://vuldb.com/?submit.376532

reference_id

?submit.376532

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/

url

https://vuldb.com/?submit.376532

reference_url	https://usn.ubuntu.com/7823-1/
reference_id	USN-7823-1
reference_type
scores
url	https://usn.ubuntu.com/7823-1/

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.8-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.6-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.6-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.6-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.0.2-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.0.2-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2024-7055

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fqzc-ggz9-gbd5

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.0.2-1%3Fdistro=trixie

Package Instance