Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5

Type deb

Namespace debian

Name expat

Version 2.2.10-2+deb11u5

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.2.10-2+deb11u5

Latest_non_vulnerable_version 2.2.10-2+deb11u5

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-cvna-73ya-gbg5

vulnerability_id VCID-cvna-73ya-gbg5

summary In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early. A subsequent call to XML_GetCurrentLineNumber or XML_GetCurrentColumnNumber then resulted in a heap-based buffer over-read.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903

reference_url	https://security.archlinux.org/ASA-201910-15
reference_id	ASA-201910-15
reference_type
scores
url	https://security.archlinux.org/ASA-201910-15

reference_url	https://security.archlinux.org/ASA-201910-16
reference_id	ASA-201910-16
reference_type
scores
url	https://security.archlinux.org/ASA-201910-16

reference_url	https://security.archlinux.org/ASA-201910-17
reference_id	ASA-201910-17
reference_type
scores
url	https://security.archlinux.org/ASA-201910-17

reference_url

https://security.archlinux.org/AVG-1053

reference_id

AVG-1053

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1053

reference_url

https://security.archlinux.org/AVG-1054

reference_id

AVG-1054

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1054

reference_url

https://security.archlinux.org/AVG-1055

reference_id

AVG-1055

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1055

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_id

mfsa2019-33

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_id

mfsa2019-34

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_id

mfsa2019-35

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

fixed_packages

url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3

purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cvna-73ya-gbg5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3

url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4

purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cvna-73ya-gbg5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4

url	pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl	pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5

aliases CVE-2019-15903

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cvna-73ya-gbg5

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5

Package Instance