Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/modsecurity@3.0.4-1?distro=trixie
Typedeb
Namespacedebian
Namemodsecurity
Version3.0.4-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.0.6-1
Latest_non_vulnerable_version3.0.14-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-cq83-mkc9-g3e2
vulnerability_id VCID-cq83-mkc9-g3e2
summary Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may, when sent quickly in large volumes, lead to the server becoming slow or unresponsive (Denial of Service) because of a flaw in Transaction::addRequestHeader in transaction.cc.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19886
reference_id
reference_type
scores
0
value 0.04013
scoring_system epss
scoring_elements 0.88399
published_at 2026-04-01T12:55:00Z
1
value 0.04013
scoring_system epss
scoring_elements 0.88407
published_at 2026-04-02T12:55:00Z
2
value 0.04013
scoring_system epss
scoring_elements 0.88416
published_at 2026-04-04T12:55:00Z
3
value 0.04013
scoring_system epss
scoring_elements 0.8842
published_at 2026-04-07T12:55:00Z
4
value 0.04013
scoring_system epss
scoring_elements 0.88439
published_at 2026-04-08T12:55:00Z
5
value 0.04013
scoring_system epss
scoring_elements 0.88445
published_at 2026-04-09T12:55:00Z
6
value 0.04013
scoring_system epss
scoring_elements 0.88456
published_at 2026-04-11T12:55:00Z
7
value 0.04013
scoring_system epss
scoring_elements 0.88448
published_at 2026-04-12T12:55:00Z
8
value 0.04013
scoring_system epss
scoring_elements 0.88447
published_at 2026-04-13T12:55:00Z
9
value 0.04013
scoring_system epss
scoring_elements 0.88462
published_at 2026-04-16T12:55:00Z
10
value 0.04013
scoring_system epss
scoring_elements 0.88459
published_at 2026-04-18T12:55:00Z
11
value 0.04013
scoring_system epss
scoring_elements 0.88457
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19886
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19886
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19886
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949682
reference_id 949682
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949682
fixed_packages
0
url pkg:deb/debian/modsecurity@3.0.4-1?distro=trixie
purl pkg:deb/debian/modsecurity@3.0.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.4-1%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity@3.0.4-2?distro=trixie
purl pkg:deb/debian/modsecurity@3.0.4-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-93qw-yjha-tyce
1
vulnerability VCID-azf2-ue64-y7eb
2
vulnerability VCID-kg7a-8fqh-mffc
3
vulnerability VCID-y8ty-2cp5-y3gm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.4-2%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity@3.0.9-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/modsecurity@3.0.9-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-93qw-yjha-tyce
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.9-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity@3.0.14-1?distro=trixie
purl pkg:deb/debian/modsecurity@3.0.14-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.14-1%3Fdistro=trixie
aliases CVE-2019-19886
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cq83-mkc9-g3e2
1
url VCID-m634-5nyb-skeu
vulnerability_id VCID-m634-5nyb-skeu
summary ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string index out of range" error and worker-process crash for a "Cookie: =abc" header.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-25043
reference_id
reference_type
scores
0
value 0.00382
scoring_system epss
scoring_elements 0.59489
published_at 2026-04-01T12:55:00Z
1
value 0.00382
scoring_system epss
scoring_elements 0.59562
published_at 2026-04-02T12:55:00Z
2
value 0.00382
scoring_system epss
scoring_elements 0.59586
published_at 2026-04-04T12:55:00Z
3
value 0.00382
scoring_system epss
scoring_elements 0.59556
published_at 2026-04-07T12:55:00Z
4
value 0.00382
scoring_system epss
scoring_elements 0.59607
published_at 2026-04-08T12:55:00Z
5
value 0.00382
scoring_system epss
scoring_elements 0.5962
published_at 2026-04-09T12:55:00Z
6
value 0.00382
scoring_system epss
scoring_elements 0.59639
published_at 2026-04-11T12:55:00Z
7
value 0.00382
scoring_system epss
scoring_elements 0.59622
published_at 2026-04-12T12:55:00Z
8
value 0.00382
scoring_system epss
scoring_elements 0.59602
published_at 2026-04-13T12:55:00Z
9
value 0.00382
scoring_system epss
scoring_elements 0.59635
published_at 2026-04-16T12:55:00Z
10
value 0.00382
scoring_system epss
scoring_elements 0.59643
published_at 2026-04-18T12:55:00Z
11
value 0.00382
scoring_system epss
scoring_elements 0.59626
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-25043
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25043
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25043
fixed_packages
0
url pkg:deb/debian/modsecurity@3.0.4-1?distro=trixie
purl pkg:deb/debian/modsecurity@3.0.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.4-1%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity@3.0.4-2?distro=trixie
purl pkg:deb/debian/modsecurity@3.0.4-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-93qw-yjha-tyce
1
vulnerability VCID-azf2-ue64-y7eb
2
vulnerability VCID-kg7a-8fqh-mffc
3
vulnerability VCID-y8ty-2cp5-y3gm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.4-2%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity@3.0.9-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/modsecurity@3.0.9-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-93qw-yjha-tyce
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.9-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity@3.0.14-1?distro=trixie
purl pkg:deb/debian/modsecurity@3.0.14-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.14-1%3Fdistro=trixie
aliases CVE-2019-25043
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m634-5nyb-skeu
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity@3.0.4-1%3Fdistro=trixie