Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/freetype@2.6.1-0.1?distro=trixie

Type deb

Namespace debian

Name freetype

Version 2.6.1-0.1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.6.3-1

Latest_non_vulnerable_version 2.14.3+dfsg-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-nn4w-gq71-kfgd

vulnerability_id VCID-nn4w-gq71-kfgd

summary freetype: buffer over-read in function T1_Get_Private_Dict in type1/t1parse.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9290.json

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9290.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-9290

reference_id

reference_type

scores

value	0.005
scoring_system	epss
scoring_elements	0.65886
published_at	2026-04-01T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65927
published_at	2026-04-02T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65958
published_at	2026-04-04T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65924
published_at	2026-04-07T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65975
published_at	2026-04-08T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65987
published_at	2026-04-09T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.66006
published_at	2026-04-11T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65993
published_at	2026-04-12T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65962
published_at	2026-04-13T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65997
published_at	2026-04-16T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.66011
published_at	2026-04-18T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65999
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-9290

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9290
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9290

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1741802
reference_id	1741802
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1741802

fixed_packages

url	pkg:deb/debian/freetype@2.6.1-0.1?distro=trixie
purl	pkg:deb/debian/freetype@2.6.1-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.6.1-0.1%3Fdistro=trixie

url pkg:deb/debian/freetype@2.10.4%2Bdfsg-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/freetype@2.10.4%2Bdfsg-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hgm7-qrp2-c3g8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.10.4%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.12.1%2Bdfsg-5%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/freetype@2.12.1%2Bdfsg-5%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.12.1%252Bdfsg-5%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.13.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/freetype@2.13.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.13.3%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.14.2%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/freetype@2.14.2%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.14.2%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.14.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/freetype@2.14.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.14.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2015-9290

risk_score 2.8

exploitability 0.5

weighted_severity 5.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nn4w-gq71-kfgd

url VCID-tsw4-kqbc-kqf1

vulnerability_id VCID-tsw4-kqbc-kqf1

summary freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash

references

reference_url	http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9
reference_id
reference_type
scores
url	http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9381.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9381.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-9381

reference_id

reference_type

scores

value	0.00711
scoring_system	epss
scoring_elements	0.722
published_at	2026-04-01T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72282
published_at	2026-04-21T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72242
published_at	2026-04-13T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72285
published_at	2026-04-16T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72294
published_at	2026-04-18T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72205
published_at	2026-04-02T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72225
published_at	2026-04-04T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72201
published_at	2026-04-07T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72237
published_at	2026-04-08T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72249
published_at	2026-04-09T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72272
published_at	2026-04-11T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72256
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-9381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9381

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html

reference_url	https://savannah.nongnu.org/bugs/?45955
reference_id
reference_type
scores
url	https://savannah.nongnu.org/bugs/?45955

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1752788
reference_id	1752788
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1752788

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freetype:freetype::::::::
reference_id	cpe:2.3:a:freetype:freetype::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freetype:freetype::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-9381

reference_id

CVE-2015-9381

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-9381

reference_url	https://access.redhat.com/errata/RHSA-2018:3140
reference_id	RHSA-2018:3140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3140

reference_url	https://access.redhat.com/errata/RHSA-2019:4254
reference_id	RHSA-2019:4254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4254

reference_url	https://usn.ubuntu.com/4126-2/
reference_id	USN-4126-2
reference_type
scores
url	https://usn.ubuntu.com/4126-2/

fixed_packages

url	pkg:deb/debian/freetype@2.6.1-0.1?distro=trixie
purl	pkg:deb/debian/freetype@2.6.1-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.6.1-0.1%3Fdistro=trixie

url pkg:deb/debian/freetype@2.10.4%2Bdfsg-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/freetype@2.10.4%2Bdfsg-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hgm7-qrp2-c3g8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.10.4%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.12.1%2Bdfsg-5%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/freetype@2.12.1%2Bdfsg-5%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.12.1%252Bdfsg-5%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.13.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/freetype@2.13.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.13.3%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.14.2%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/freetype@2.14.2%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.14.2%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.14.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/freetype@2.14.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.14.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2015-9381

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tsw4-kqbc-kqf1

url VCID-ysfs-xxjz-vbep

vulnerability_id VCID-ysfs-xxjz-vbep

summary freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read

references

reference_url	http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73
reference_id
reference_type
scores
url	http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9382.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9382.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-9382

reference_id

reference_type

scores

value	0.00798
scoring_system	epss
scoring_elements	0.73965
published_at	2026-04-01T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74063
published_at	2026-04-18T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74021
published_at	2026-04-12T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74014
published_at	2026-04-13T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74054
published_at	2026-04-21T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.73972
published_at	2026-04-02T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.73998
published_at	2026-04-04T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.73969
published_at	2026-04-07T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74003
published_at	2026-04-08T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74017
published_at	2026-04-09T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74039
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-9382

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9382
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9382

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html

reference_url	https://savannah.nongnu.org/bugs/?45922
reference_id
reference_type
scores
url	https://savannah.nongnu.org/bugs/?45922

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1763609
reference_id	1763609
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1763609

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freetype:freetype::::::::
reference_id	cpe:2.3:a:freetype:freetype::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freetype:freetype::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-9382

reference_id

CVE-2015-9382

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-9382

reference_url	https://access.redhat.com/errata/RHSA-2018:3140
reference_id	RHSA-2018:3140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3140

reference_url	https://access.redhat.com/errata/RHSA-2019:4254
reference_id	RHSA-2019:4254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4254

reference_url	https://usn.ubuntu.com/4126-2/
reference_id	USN-4126-2
reference_type
scores
url	https://usn.ubuntu.com/4126-2/

fixed_packages

url	pkg:deb/debian/freetype@2.6.1-0.1?distro=trixie
purl	pkg:deb/debian/freetype@2.6.1-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.6.1-0.1%3Fdistro=trixie

url pkg:deb/debian/freetype@2.10.4%2Bdfsg-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/freetype@2.10.4%2Bdfsg-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hgm7-qrp2-c3g8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.10.4%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.12.1%2Bdfsg-5%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/freetype@2.12.1%2Bdfsg-5%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.12.1%252Bdfsg-5%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.13.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/freetype@2.13.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.13.3%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.14.2%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/freetype@2.14.2%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.14.2%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/freetype@2.14.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/freetype@2.14.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.14.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2015-9382

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ysfs-xxjz-vbep

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.6.1-0.1%3Fdistro=trixie

Package Instance