Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/anki@2.1.41b2
Typepypi
Namespace
Nameanki
Version2.1.41b2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version24.6
Latest_non_vulnerable_version24.6
Affected_by_vulnerabilities
0
url VCID-fcgs-stm7-skfc
vulnerability_id VCID-fcgs-stm7-skfc
summary An vulnerability in the handling of Latex exists in Ankitects Anki 24.04. When Latex is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many Latex distributions, has been overlooked. A specially crafted flashcard can lead to an arbitrary file read. An attacker can share a flashcard to trigger this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-29073
reference_id
reference_type
scores
0
value 0.02641
scoring_system epss
scoring_elements 0.86098
published_at 2026-06-12T12:55:00Z
1
value 0.02641
scoring_system epss
scoring_elements 0.86049
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-29073
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29073
2
reference_url https://github.com/ankitects/anki
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ankitects/anki
3
reference_url https://github.com/ankitects/anki/commit/06f7aa393d21d7d5dd8039e15d543b73c3346932
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ankitects/anki/commit/06f7aa393d21d7d5dd8039e15d543b73c3346932
4
reference_url https://github.com/ankitects/anki/pull/3218
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ankitects/anki/pull/3218
5
reference_url https://skerritt.blog/anki-0day
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://skerritt.blog/anki-0day
6
reference_url https://skii.dev/anki-0day
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://skii.dev/anki-0day
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077548
reference_id 1077548
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077548
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-29073
reference_id CVE-2024-29073
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-29073
9
reference_url https://github.com/advisories/GHSA-x3r6-ccvq-cf5v
reference_id GHSA-x3r6-ccvq-cf5v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x3r6-ccvq-cf5v
10
reference_url https://talosintelligence.com/vulnerability_reports/TALOS-2024-1992
reference_id TALOS-2024-1992
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-22T16:41:21Z/
url https://talosintelligence.com/vulnerability_reports/TALOS-2024-1992
fixed_packages
0
url pkg:pypi/anki@24.4.1
purl pkg:pypi/anki@24.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p56r-6d22-sbb7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/anki@24.4.1
1
url pkg:pypi/anki@24.6
purl pkg:pypi/anki@24.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/anki@24.6
aliases CVE-2024-29073, GHSA-x3r6-ccvq-cf5v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcgs-stm7-skfc
1
url VCID-p56r-6d22-sbb7
vulnerability_id VCID-p56r-6d22-sbb7
summary An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-26020
reference_id
reference_type
scores
0
value 0.03111
scoring_system epss
scoring_elements 0.87161
published_at 2026-06-12T12:55:00Z
1
value 0.03111
scoring_system epss
scoring_elements 0.87115
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-26020
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26020
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26020
2
reference_url https://github.com/ankitects/anki
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ankitects/anki
3
reference_url https://github.com/ankitects/anki/commit/8d2e8b1e4fa3757581f224b1a57057d0455352ce
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ankitects/anki/commit/8d2e8b1e4fa3757581f224b1a57057d0455352ce
4
reference_url https://skerritt.blog/anki-0day
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://skerritt.blog/anki-0day
5
reference_url https://skii.dev/anki-0day
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://skii.dev/anki-0day
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077548
reference_id 1077548
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077548
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-26020
reference_id CVE-2024-26020
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-26020
8
reference_url https://github.com/advisories/GHSA-9gq7-p5w9-w899
reference_id GHSA-9gq7-p5w9-w899
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9gq7-p5w9-w899
9
reference_url https://talosintelligence.com/vulnerability_reports/TALOS-2024-1993
reference_id TALOS-2024-1993
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-22T18:23:20Z/
url https://talosintelligence.com/vulnerability_reports/TALOS-2024-1993
fixed_packages
0
url pkg:pypi/anki@24.6
purl pkg:pypi/anki@24.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/anki@24.6
aliases CVE-2024-26020, GHSA-9gq7-p5w9-w899
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p56r-6d22-sbb7
2
url VCID-x55b-1sfm-ckd7
vulnerability_id VCID-x55b-1sfm-ckd7
summary A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can lead to an arbitrary file creation at a fixed path. An attacker can share a malicious flashcard to trigger this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32152
reference_id
reference_type
scores
0
value 0.00261
scoring_system epss
scoring_elements 0.49949
published_at 2026-06-12T12:55:00Z
1
value 0.00261
scoring_system epss
scoring_elements 0.49814
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32152
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32152
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32152
2
reference_url https://github.com/ankitects/anki
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ankitects/anki
3
reference_url https://github.com/ankitects/anki/commit/06f7aa393d21d7d5dd8039e15d543b73c3346932
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ankitects/anki/commit/06f7aa393d21d7d5dd8039e15d543b73c3346932
4
reference_url https://github.com/ankitects/anki/pull/3218
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ankitects/anki/pull/3218
5
reference_url https://skerritt.blog/anki-0day
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://skerritt.blog/anki-0day
6
reference_url https://skii.dev/anki-0day
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://skii.dev/anki-0day
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077548
reference_id 1077548
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077548
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-32152
reference_id CVE-2024-32152
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-32152
9
reference_url https://github.com/advisories/GHSA-q47p-v5rw-v574
reference_id GHSA-q47p-v5rw-v574
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q47p-v5rw-v574
10
reference_url https://talosintelligence.com/vulnerability_reports/TALOS-2024-1994
reference_id TALOS-2024-1994
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-22T14:44:22Z/
url https://talosintelligence.com/vulnerability_reports/TALOS-2024-1994
fixed_packages
0
url pkg:pypi/anki@24.4.1
purl pkg:pypi/anki@24.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p56r-6d22-sbb7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/anki@24.4.1
1
url pkg:pypi/anki@24.6
purl pkg:pypi/anki@24.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/anki@24.6
aliases CVE-2024-32152, GHSA-q47p-v5rw-v574
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x55b-1sfm-ckd7
Fixing_vulnerabilities
Risk_score4.3
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/anki@2.1.41b2