Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nginx/nginx@0.1.0
Typenginx
Namespace
Namenginx
Version0.1.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.5.38
Latest_non_vulnerable_version1.31.1
Affected_by_vulnerabilities
0
url VCID-atus-ryef-17h1
vulnerability_id VCID-atus-ryef-17h1
summary 
Mozilla developers added support in the Network Security Services
module for preventing a type of man-in-the-middle attack against TLS
using forced renegotiation.Note that to benefit from the fix, Firefox 3.6 and
Firefox 3.5 users will need to set
their security.ssl.require_safe_negotiation preference to
true.  Firefox 3 does not contain the fix for this issue.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
2
reference_url https://nginx.org/download/patch.cve-2009-3555.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.cve-2009-3555.txt
3
reference_url https://nginx.org/download/patch.cve-2009-3555.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.cve-2009-3555.txt.asc
4
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
url https://tomcat.apache.org/security-7.html
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
reference_id CVE-2009-3555
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-3555
reference_id CVE-2009-3555
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2009-3555
7
reference_url https://github.com/advisories/GHSA-f7w7-6pjc-wwm6
reference_id GHSA-f7w7-6pjc-wwm6
reference_type
scores
url https://github.com/advisories/GHSA-f7w7-6pjc-wwm6
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2010-22
reference_id mfsa2010-22
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2010-22
fixed_packages
0
url pkg:nginx/nginx@0.7.64
purl pkg:nginx/nginx@0.7.64
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.7.64
1
url pkg:nginx/nginx@0.8.23
purl pkg:nginx/nginx@0.8.23
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.23
aliases CVE-2009-3555, GHSA-f7w7-6pjc-wwm6, VU#120541
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-atus-ryef-17h1
1
url VCID-cy8z-cstx-57a7
vulnerability_id VCID-cy8z-cstx-57a7
summary Memory disclosure with specially crafted backend responses
references
0
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html
reference_id
reference_type
scores
url https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html
1
reference_url https://nginx.org/download/patch.2012.memory.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2012.memory.txt
2
reference_url https://nginx.org/download/patch.2012.memory.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2012.memory.txt.asc
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1180
reference_id CVE-2012-1180
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2012-1180
fixed_packages
0
url pkg:nginx/nginx@1.0.14
purl pkg:nginx/nginx@1.0.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5k9f-43wt-vbbq
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.0.14
1
url pkg:nginx/nginx@1.1.17
purl pkg:nginx/nginx@1.1.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.1.17
aliases CVE-2012-1180
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cy8z-cstx-57a7
2
url VCID-kear-xuqb-1udf
vulnerability_id VCID-kear-xuqb-1udf
summary Directory traversal vulnerability
references
0
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-3898
reference_id CVE-2009-3898
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2009-3898
fixed_packages
0
url pkg:nginx/nginx@0.7.63
purl pkg:nginx/nginx@0.7.63
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.7.63
1
url pkg:nginx/nginx@0.8.17
purl pkg:nginx/nginx@0.8.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.17
aliases CVE-2009-3898
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kear-xuqb-1udf
3
url VCID-n9jn-7z6h-5bae
vulnerability_id VCID-n9jn-7z6h-5bae
summary Buffer underflow vulnerability
references
0
reference_url https://nginx.org/download/patch.180065.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.180065.txt
1
reference_url https://nginx.org/download/patch.180065.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.180065.txt.asc
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-2629
reference_id CVE-2009-2629
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2009-2629
fixed_packages
0
url pkg:nginx/nginx@0.5.38
purl pkg:nginx/nginx@0.5.38
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.5.38
1
url pkg:nginx/nginx@0.6.39
purl pkg:nginx/nginx@0.6.39
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.6.39
2
url pkg:nginx/nginx@0.7.62
purl pkg:nginx/nginx@0.7.62
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.7.62
3
url pkg:nginx/nginx@0.8.15
purl pkg:nginx/nginx@0.8.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.15
aliases CVE-2009-2629, VU#180065
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n9jn-7z6h-5bae
4
url VCID-xpfj-k7mn-8fce
vulnerability_id VCID-xpfj-k7mn-8fce
summary Null pointer dereference vulnerability
references
0
reference_url https://nginx.org/download/patch.null.pointer.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.null.pointer.txt
1
reference_url https://nginx.org/download/patch.null.pointer.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.null.pointer.txt.asc
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-3896
reference_id CVE-2009-3896
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2009-3896
fixed_packages
0
url pkg:nginx/nginx@0.5.38
purl pkg:nginx/nginx@0.5.38
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.5.38
1
url pkg:nginx/nginx@0.6.39
purl pkg:nginx/nginx@0.6.39
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.6.39
2
url pkg:nginx/nginx@0.7.62
purl pkg:nginx/nginx@0.7.62
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.7.62
3
url pkg:nginx/nginx@0.8.14
purl pkg:nginx/nginx@0.8.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n9jn-7z6h-5bae
resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.14
aliases CVE-2009-3896
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xpfj-k7mn-8fce
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.1.0