Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/patch@2.5.9-5
Typedeb
Namespacedebian
Namepatch
Version2.5.9-5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.7.6-7
Latest_non_vulnerable_version2.7.6-7
Affected_by_vulnerabilities
0
url VCID-1pm2-zhtr-yqda
vulnerability_id VCID-1pm2-zhtr-yqda
summary A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1396.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1396.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1396
reference_id
reference_type
scores
0
value 0.03663
scoring_system epss
scoring_elements 0.88096
published_at 2026-06-04T12:55:00Z
1
value 0.03663
scoring_system epss
scoring_elements 0.88117
published_at 2026-06-05T12:55:00Z
2
value 0.03663
scoring_system epss
scoring_elements 0.8812
published_at 2026-06-06T12:55:00Z
3
value 0.03663
scoring_system epss
scoring_elements 0.88119
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1396
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1396
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1186764
reference_id 1186764
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1186764
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775901
reference_id 775901
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775901
5
reference_url https://usn.ubuntu.com/2651-1/
reference_id USN-2651-1
reference_type
scores
url https://usn.ubuntu.com/2651-1/
fixed_packages
0
url pkg:deb/debian/patch@2.7.5-1
purl pkg:deb/debian/patch@2.7.5-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fuan-yz1a-jbej
1
vulnerability VCID-kxps-vxqz-wqfq
2
vulnerability VCID-mfsr-c5z2-hfh4
3
vulnerability VCID-t9q9-5hw4-73cs
4
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.5-1
aliases CVE-2015-1396
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1pm2-zhtr-yqda
1
url VCID-8q8b-ycpu-e3ea
vulnerability_id VCID-8q8b-ycpu-e3ea
summary Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1395.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1395.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1395
reference_id
reference_type
scores
0
value 0.04141
scoring_system epss
scoring_elements 0.88847
published_at 2026-06-04T12:55:00Z
1
value 0.04141
scoring_system epss
scoring_elements 0.88864
published_at 2026-06-06T12:55:00Z
2
value 0.04141
scoring_system epss
scoring_elements 0.88862
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1395
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1395
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1395
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1184490
reference_id 1184490
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1184490
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873
reference_id 775873
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873
5
reference_url https://usn.ubuntu.com/2651-1/
reference_id USN-2651-1
reference_type
scores
url https://usn.ubuntu.com/2651-1/
fixed_packages
0
url pkg:deb/debian/patch@2.7.5-1
purl pkg:deb/debian/patch@2.7.5-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fuan-yz1a-jbej
1
vulnerability VCID-kxps-vxqz-wqfq
2
vulnerability VCID-mfsr-c5z2-hfh4
3
vulnerability VCID-t9q9-5hw4-73cs
4
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.5-1
aliases CVE-2015-1395
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8q8b-ycpu-e3ea
2
url VCID-fuan-yz1a-jbej
vulnerability_id VCID-fuan-yz1a-jbej
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000156.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000156.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000156
reference_id
reference_type
scores
0
value 0.36762
scoring_system epss
scoring_elements 0.97233
published_at 2026-06-05T12:55:00Z
1
value 0.36762
scoring_system epss
scoring_elements 0.97236
published_at 2026-06-07T12:55:00Z
2
value 0.36762
scoring_system epss
scoring_elements 0.97229
published_at 2026-06-04T12:55:00Z
3
value 0.36762
scoring_system epss
scoring_elements 0.97235
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000156
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000156
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1564326
reference_id 1564326
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1564326
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894993
reference_id 894993
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894993
6
reference_url https://security.archlinux.org/ASA-201810-8
reference_id ASA-201810-8
reference_type
scores
url https://security.archlinux.org/ASA-201810-8
7
reference_url https://security.archlinux.org/ASA-201811-14
reference_id ASA-201811-14
reference_type
scores
url https://security.archlinux.org/ASA-201811-14
8
reference_url https://security.archlinux.org/AVG-619
reference_id AVG-619
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-619
9
reference_url https://security.archlinux.org/AVG-808
reference_id AVG-808
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-808
10
reference_url https://security.gentoo.org/glsa/201904-17
reference_id GLSA-201904-17
reference_type
scores
url https://security.gentoo.org/glsa/201904-17
11
reference_url https://access.redhat.com/errata/RHSA-2018:1199
reference_id RHSA-2018:1199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1199
12
reference_url https://access.redhat.com/errata/RHSA-2018:1200
reference_id RHSA-2018:1200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1200
13
reference_url https://access.redhat.com/errata/RHSA-2018:2091
reference_id RHSA-2018:2091
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2091
14
reference_url https://access.redhat.com/errata/RHSA-2018:2092
reference_id RHSA-2018:2092
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2092
15
reference_url https://access.redhat.com/errata/RHSA-2018:2093
reference_id RHSA-2018:2093
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2093
16
reference_url https://access.redhat.com/errata/RHSA-2018:2094
reference_id RHSA-2018:2094
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2094
17
reference_url https://access.redhat.com/errata/RHSA-2018:2095
reference_id RHSA-2018:2095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2095
18
reference_url https://access.redhat.com/errata/RHSA-2018:2096
reference_id RHSA-2018:2096
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2096
19
reference_url https://access.redhat.com/errata/RHSA-2018:2097
reference_id RHSA-2018:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2097
20
reference_url https://usn.ubuntu.com/3624-1/
reference_id USN-3624-1
reference_type
scores
url https://usn.ubuntu.com/3624-1/
21
reference_url https://usn.ubuntu.com/3624-2/
reference_id USN-3624-2
reference_type
scores
url https://usn.ubuntu.com/3624-2/
fixed_packages
0
url pkg:deb/debian/patch@2.7.6-3%2Bdeb10u1
purl pkg:deb/debian/patch@2.7.6-3%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kxps-vxqz-wqfq
1
vulnerability VCID-mfsr-c5z2-hfh4
2
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.6-3%252Bdeb10u1
aliases CVE-2018-1000156
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fuan-yz1a-jbej
3
url VCID-kxps-vxqz-wqfq
vulnerability_id VCID-kxps-vxqz-wqfq
summary In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13636.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13636.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13636
reference_id
reference_type
scores
0
value 0.04327
scoring_system epss
scoring_elements 0.89094
published_at 2026-06-04T12:55:00Z
1
value 0.04327
scoring_system epss
scoring_elements 0.89111
published_at 2026-06-07T12:55:00Z
2
value 0.04327
scoring_system epss
scoring_elements 0.89112
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13636
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20969
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20969
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1732781
reference_id 1732781
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1732781
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932401
reference_id 932401
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932401
8
reference_url https://security.gentoo.org/glsa/201908-22
reference_id GLSA-201908-22
reference_type
scores
url https://security.gentoo.org/glsa/201908-22
9
reference_url https://access.redhat.com/errata/RHSA-2020:1852
reference_id RHSA-2020:1852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1852
10
reference_url https://usn.ubuntu.com/4071-1/
reference_id USN-4071-1
reference_type
scores
url https://usn.ubuntu.com/4071-1/
11
reference_url https://usn.ubuntu.com/4071-2/
reference_id USN-4071-2
reference_type
scores
url https://usn.ubuntu.com/4071-2/
fixed_packages
0
url pkg:deb/debian/patch@2.7.5-1%2Bdeb9u2
purl pkg:deb/debian/patch@2.7.5-1%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fuan-yz1a-jbej
1
vulnerability VCID-kxps-vxqz-wqfq
2
vulnerability VCID-mfsr-c5z2-hfh4
3
vulnerability VCID-t9q9-5hw4-73cs
4
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.5-1%252Bdeb9u2
1
url pkg:deb/debian/patch@2.7.6-3%2Bdeb10u1
purl pkg:deb/debian/patch@2.7.6-3%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kxps-vxqz-wqfq
1
vulnerability VCID-mfsr-c5z2-hfh4
2
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.6-3%252Bdeb10u1
2
url pkg:deb/debian/patch@2.7.6-7
purl pkg:deb/debian/patch@2.7.6-7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.6-7
aliases CVE-2019-13636
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kxps-vxqz-wqfq
4
url VCID-mfsr-c5z2-hfh4
vulnerability_id VCID-mfsr-c5z2-hfh4
summary GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13638.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13638.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13638
reference_id
reference_type
scores
0
value 0.0205
scoring_system epss
scoring_elements 0.84188
published_at 2026-06-04T12:55:00Z
1
value 0.0205
scoring_system epss
scoring_elements 0.84212
published_at 2026-06-05T12:55:00Z
2
value 0.0205
scoring_system epss
scoring_elements 0.84215
published_at 2026-06-06T12:55:00Z
3
value 0.0205
scoring_system epss
scoring_elements 0.84209
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13638
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20969
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20969
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1733916
reference_id 1733916
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1733916
7
reference_url https://security.gentoo.org/glsa/201908-22
reference_id GLSA-201908-22
reference_type
scores
url https://security.gentoo.org/glsa/201908-22
8
reference_url https://access.redhat.com/errata/RHSA-2019:2798
reference_id RHSA-2019:2798
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2798
9
reference_url https://access.redhat.com/errata/RHSA-2019:2964
reference_id RHSA-2019:2964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2964
10
reference_url https://access.redhat.com/errata/RHSA-2019:3757
reference_id RHSA-2019:3757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3757
11
reference_url https://access.redhat.com/errata/RHSA-2019:3758
reference_id RHSA-2019:3758
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3758
12
reference_url https://access.redhat.com/errata/RHSA-2019:4061
reference_id RHSA-2019:4061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4061
13
reference_url https://usn.ubuntu.com/4071-1/
reference_id USN-4071-1
reference_type
scores
url https://usn.ubuntu.com/4071-1/
14
reference_url https://usn.ubuntu.com/4071-2/
reference_id USN-4071-2
reference_type
scores
url https://usn.ubuntu.com/4071-2/
fixed_packages
0
url pkg:deb/debian/patch@2.7.5-1%2Bdeb9u2
purl pkg:deb/debian/patch@2.7.5-1%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fuan-yz1a-jbej
1
vulnerability VCID-kxps-vxqz-wqfq
2
vulnerability VCID-mfsr-c5z2-hfh4
3
vulnerability VCID-t9q9-5hw4-73cs
4
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.5-1%252Bdeb9u2
1
url pkg:deb/debian/patch@2.7.6-3%2Bdeb10u1
purl pkg:deb/debian/patch@2.7.6-3%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kxps-vxqz-wqfq
1
vulnerability VCID-mfsr-c5z2-hfh4
2
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.6-3%252Bdeb10u1
2
url pkg:deb/debian/patch@2.7.6-7
purl pkg:deb/debian/patch@2.7.6-7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.6-7
aliases CVE-2019-13638
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mfsr-c5z2-hfh4
5
url VCID-qp3r-313a-juev
vulnerability_id VCID-qp3r-313a-juev
summary GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1196.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1196.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1196
reference_id
reference_type
scores
0
value 0.00853
scoring_system epss
scoring_elements 0.75278
published_at 2026-06-04T12:55:00Z
1
value 0.00853
scoring_system epss
scoring_elements 0.75308
published_at 2026-06-05T12:55:00Z
2
value 0.00853
scoring_system epss
scoring_elements 0.75311
published_at 2026-06-06T12:55:00Z
3
value 0.00853
scoring_system epss
scoring_elements 0.75303
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1196
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1196
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1196
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1182154
reference_id 1182154
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1182154
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227
reference_id 775227
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227
5
reference_url https://usn.ubuntu.com/2651-1/
reference_id USN-2651-1
reference_type
scores
url https://usn.ubuntu.com/2651-1/
fixed_packages
0
url pkg:deb/debian/patch@2.7.5-1
purl pkg:deb/debian/patch@2.7.5-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fuan-yz1a-jbej
1
vulnerability VCID-kxps-vxqz-wqfq
2
vulnerability VCID-mfsr-c5z2-hfh4
3
vulnerability VCID-t9q9-5hw4-73cs
4
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.5-1
aliases CVE-2015-1196
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qp3r-313a-juev
6
url VCID-t9q9-5hw4-73cs
vulnerability_id VCID-t9q9-5hw4-73cs
summary An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10713.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10713.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10713
reference_id
reference_type
scores
0
value 0.00526
scoring_system epss
scoring_elements 0.67425
published_at 2026-06-06T12:55:00Z
1
value 0.00526
scoring_system epss
scoring_elements 0.67414
published_at 2026-06-07T12:55:00Z
2
value 0.00526
scoring_system epss
scoring_elements 0.67377
published_at 2026-06-04T12:55:00Z
3
value 0.00526
scoring_system epss
scoring_elements 0.67418
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10713
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10713
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10713
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1545405
reference_id 1545405
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1545405
5
reference_url https://security.archlinux.org/AVG-618
reference_id AVG-618
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-618
6
reference_url https://access.redhat.com/errata/RHSA-2019:2033
reference_id RHSA-2019:2033
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2033
7
reference_url https://usn.ubuntu.com/3624-1/
reference_id USN-3624-1
reference_type
scores
url https://usn.ubuntu.com/3624-1/
8
reference_url https://usn.ubuntu.com/3624-2/
reference_id USN-3624-2
reference_type
scores
url https://usn.ubuntu.com/3624-2/
fixed_packages
0
url pkg:deb/debian/patch@2.7.6-3%2Bdeb10u1
purl pkg:deb/debian/patch@2.7.6-3%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kxps-vxqz-wqfq
1
vulnerability VCID-mfsr-c5z2-hfh4
2
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.6-3%252Bdeb10u1
aliases CVE-2016-10713
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t9q9-5hw4-73cs
7
url VCID-uqw2-mt6f-quc1
vulnerability_id VCID-uqw2-mt6f-quc1
summary GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9637.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9637.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9637
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55292
published_at 2026-06-04T12:55:00Z
1
value 0.00362
scoring_system epss
scoring_elements 0.58627
published_at 2026-06-07T12:55:00Z
2
value 0.00362
scoring_system epss
scoring_elements 0.58634
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9637
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9637
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9637
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1185262
reference_id 1185262
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1185262
4
reference_url https://usn.ubuntu.com/2651-1/
reference_id USN-2651-1
reference_type
scores
url https://usn.ubuntu.com/2651-1/
fixed_packages
0
url pkg:deb/debian/patch@2.7.5-1
purl pkg:deb/debian/patch@2.7.5-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fuan-yz1a-jbej
1
vulnerability VCID-kxps-vxqz-wqfq
2
vulnerability VCID-mfsr-c5z2-hfh4
3
vulnerability VCID-t9q9-5hw4-73cs
4
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.5-1
aliases CVE-2014-9637
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uqw2-mt6f-quc1
8
url VCID-ycqe-xdf8-x3du
vulnerability_id VCID-ycqe-xdf8-x3du
summary do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20969.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20969.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20969
reference_id
reference_type
scores
0
value 0.00364
scoring_system epss
scoring_elements 0.58773
published_at 2026-06-04T12:55:00Z
1
value 0.00364
scoring_system epss
scoring_elements 0.5882
published_at 2026-06-05T12:55:00Z
2
value 0.00364
scoring_system epss
scoring_elements 0.58825
published_at 2026-06-06T12:55:00Z
3
value 0.00364
scoring_system epss
scoring_elements 0.58817
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20969
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20969
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20969
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1746672
reference_id 1746672
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1746672
6
reference_url https://access.redhat.com/errata/RHSA-2019:2798
reference_id RHSA-2019:2798
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2798
7
reference_url https://access.redhat.com/errata/RHSA-2019:2964
reference_id RHSA-2019:2964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2964
8
reference_url https://access.redhat.com/errata/RHSA-2019:3757
reference_id RHSA-2019:3757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3757
9
reference_url https://access.redhat.com/errata/RHSA-2019:3758
reference_id RHSA-2019:3758
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3758
10
reference_url https://access.redhat.com/errata/RHSA-2019:4061
reference_id RHSA-2019:4061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4061
fixed_packages
0
url pkg:deb/debian/patch@2.7.5-1%2Bdeb9u2
purl pkg:deb/debian/patch@2.7.5-1%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fuan-yz1a-jbej
1
vulnerability VCID-kxps-vxqz-wqfq
2
vulnerability VCID-mfsr-c5z2-hfh4
3
vulnerability VCID-t9q9-5hw4-73cs
4
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.5-1%252Bdeb9u2
1
url pkg:deb/debian/patch@2.7.6-3%2Bdeb10u1
purl pkg:deb/debian/patch@2.7.6-3%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kxps-vxqz-wqfq
1
vulnerability VCID-mfsr-c5z2-hfh4
2
vulnerability VCID-ycqe-xdf8-x3du
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.6-3%252Bdeb10u1
2
url pkg:deb/debian/patch@2.7.6-7
purl pkg:deb/debian/patch@2.7.6-7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.7.6-7
aliases CVE-2018-20969
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ycqe-xdf8-x3du
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/patch@2.5.9-5