Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/7zip@23.01%2Bdfsg-1?distro=trixie
Typedeb
Namespacedebian
Name7zip
Version23.01+dfsg-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version24.05+dfsg-1
Latest_non_vulnerable_version26.00+dfsg1-3
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6xnz-5ctc-fkbk
vulnerability_id VCID-6xnz-5ctc-fkbk
summary 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SQFS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18589.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-40481
reference_id
reference_type
scores
0
value 0.0431
scoring_system epss
scoring_elements 0.88899
published_at 2026-04-21T12:55:00Z
1
value 0.0431
scoring_system epss
scoring_elements 0.88845
published_at 2026-04-02T12:55:00Z
2
value 0.0431
scoring_system epss
scoring_elements 0.88885
published_at 2026-04-09T12:55:00Z
3
value 0.0431
scoring_system epss
scoring_elements 0.88897
published_at 2026-04-11T12:55:00Z
4
value 0.0431
scoring_system epss
scoring_elements 0.88891
published_at 2026-04-13T12:55:00Z
5
value 0.0431
scoring_system epss
scoring_elements 0.88904
published_at 2026-04-16T12:55:00Z
6
value 0.0431
scoring_system epss
scoring_elements 0.88903
published_at 2026-04-18T12:55:00Z
7
value 0.0431
scoring_system epss
scoring_elements 0.8886
published_at 2026-04-04T12:55:00Z
8
value 0.0431
scoring_system epss
scoring_elements 0.88862
published_at 2026-04-07T12:55:00Z
9
value 0.0431
scoring_system epss
scoring_elements 0.8888
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-40481
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40481
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40481
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
reference_id 713c8a8269
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T19:54:59Z/
url https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-23-1164/
reference_id ZDI-23-1164
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T19:54:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-23-1164/
fixed_packages
0
url pkg:deb/debian/7zip@23.01%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@23.01%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@23.01%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
3
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
aliases CVE-2023-40481
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xnz-5ctc-fkbk
1
url VCID-q99c-7ggg-wyep
vulnerability_id VCID-q99c-7ggg-wyep
summary Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-31102
reference_id
reference_type
scores
0
value 0.38378
scoring_system epss
scoring_elements 0.97219
published_at 2026-04-07T12:55:00Z
1
value 0.38378
scoring_system epss
scoring_elements 0.97213
published_at 2026-04-02T12:55:00Z
2
value 0.38378
scoring_system epss
scoring_elements 0.97248
published_at 2026-04-21T12:55:00Z
3
value 0.38378
scoring_system epss
scoring_elements 0.97245
published_at 2026-04-18T12:55:00Z
4
value 0.38378
scoring_system epss
scoring_elements 0.97243
published_at 2026-04-16T12:55:00Z
5
value 0.38378
scoring_system epss
scoring_elements 0.97235
published_at 2026-04-13T12:55:00Z
6
value 0.38378
scoring_system epss
scoring_elements 0.97234
published_at 2026-04-12T12:55:00Z
7
value 0.38378
scoring_system epss
scoring_elements 0.97233
published_at 2026-04-11T12:55:00Z
8
value 0.38378
scoring_system epss
scoring_elements 0.9723
published_at 2026-04-09T12:55:00Z
9
value 0.38378
scoring_system epss
scoring_elements 0.97229
published_at 2026-04-08T12:55:00Z
10
value 0.38378
scoring_system epss
scoring_elements 0.97218
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-31102
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31102
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31102
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
reference_id 713c8a8269
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/
url https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
4
reference_url https://www.7-zip.org/download.html
reference_id download.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/
url https://www.7-zip.org/download.html
5
reference_url https://ds-security.com/post/integer-overflow-in-7-zip-cve-2023-31102/
reference_id integer-overflow-in-7-zip-cve-2023-31102
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/
url https://ds-security.com/post/integer-overflow-in-7-zip-cve-2023-31102/
6
reference_url https://security.netapp.com/advisory/ntap-20231110-0007/
reference_id ntap-20231110-0007
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/
url https://security.netapp.com/advisory/ntap-20231110-0007/
7
reference_url https://www.zerodayinitiative.com/advisories/ZDI-23-1165/
reference_id ZDI-23-1165
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/
url https://www.zerodayinitiative.com/advisories/ZDI-23-1165/
fixed_packages
0
url pkg:deb/debian/7zip@23.01%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@23.01%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@23.01%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
3
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
aliases CVE-2023-31102
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q99c-7ggg-wyep
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@23.01%252Bdfsg-1%3Fdistro=trixie