Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/ncompress@4.2.4.6-4?distro=trixie

Type deb

Namespace debian

Name ncompress

Version 4.2.4.6-4

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.2.4.6-6

Latest_non_vulnerable_version 5.0-4

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-6xz5-ra91-7qdx

vulnerability_id VCID-6xz5-ra91-7qdx

summary

compress and uncompress, which could be used by daemon programs, contain a
    buffer overflow that could lead to remote execution of arbitrary code with
    the rights of the daemon process.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2001-1413.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2001-1413.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2001-1413

reference_id

reference_type

scores

value	0.0903
scoring_system	epss
scoring_elements	0.92601
published_at	2026-04-01T12:55:00Z

value	0.0903
scoring_system	epss
scoring_elements	0.92607
published_at	2026-04-02T12:55:00Z

value	0.0903
scoring_system	epss
scoring_elements	0.92613
published_at	2026-04-04T12:55:00Z

value	0.0903
scoring_system	epss
scoring_elements	0.92614
published_at	2026-04-07T12:55:00Z

value	0.0903
scoring_system	epss
scoring_elements	0.92625
published_at	2026-04-08T12:55:00Z

value	0.0903
scoring_system	epss
scoring_elements	0.9263
published_at	2026-04-09T12:55:00Z

value	0.0903
scoring_system	epss
scoring_elements	0.92635
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2001-1413

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1413
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1413

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1616707
reference_id	1616707
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1616707

reference_url	https://security.gentoo.org/glsa/200410-08
reference_id	GLSA-200410-08
reference_type
scores
url	https://security.gentoo.org/glsa/200410-08

reference_url	https://access.redhat.com/errata/RHSA-2004:536
reference_id	RHSA-2004:536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2004:536

fixed_packages

url	pkg:deb/debian/ncompress@4.2.4-15?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4-15%3Fdistro=trixie

url	pkg:deb/debian/ncompress@4.2.4.6-4?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4.6-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.6-4%3Fdistro=trixie

url	pkg:deb/debian/ncompress@4.2.4.6-6?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4.6-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.6-6%3Fdistro=trixie

url	pkg:deb/debian/ncompress@5.0-3?distro=trixie
purl	pkg:deb/debian/ncompress@5.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@5.0-3%3Fdistro=trixie

url	pkg:deb/debian/ncompress@5.0-4?distro=trixie
purl	pkg:deb/debian/ncompress@5.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@5.0-4%3Fdistro=trixie

aliases CVE-2001-1413

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xz5-ra91-7qdx

url VCID-cd15-ngyt-93he

vulnerability_id VCID-cd15-ngyt-93he

summary

A buffer underflow vulnerability has been reported in ncompress allowing
    for the execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1168.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1168.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-1168

reference_id

reference_type

scores

value	0.09814
scoring_system	epss
scoring_elements	0.92939
published_at	2026-04-01T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92947
published_at	2026-04-02T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92952
published_at	2026-04-07T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92959
published_at	2026-04-08T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92964
published_at	2026-04-09T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92968
published_at	2026-04-13T12:55:00Z

value	0.09814
scoring_system	epss
scoring_elements	0.92966
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-1168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1168

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=201919
reference_id	201919
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=201919

reference_url	https://security.gentoo.org/glsa/200610-03
reference_id	GLSA-200610-03
reference_type
scores
url	https://security.gentoo.org/glsa/200610-03

reference_url	https://security.gentoo.org/glsa/201312-02
reference_id	GLSA-201312-02
reference_type
scores
url	https://security.gentoo.org/glsa/201312-02

reference_url	https://access.redhat.com/errata/RHSA-2006:0663
reference_id	RHSA-2006:0663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2006:0663

reference_url	https://access.redhat.com/errata/RHSA-2012:0308
reference_id	RHSA-2012:0308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0308

reference_url	https://access.redhat.com/errata/RHSA-2012:0810
reference_id	RHSA-2012:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0810

fixed_packages

url	pkg:deb/debian/ncompress@4.2.4-16?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4-16?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4-16%3Fdistro=trixie

url	pkg:deb/debian/ncompress@4.2.4.6-4?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4.6-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.6-4%3Fdistro=trixie

url	pkg:deb/debian/ncompress@4.2.4.6-6?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4.6-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.6-6%3Fdistro=trixie

url	pkg:deb/debian/ncompress@5.0-3?distro=trixie
purl	pkg:deb/debian/ncompress@5.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@5.0-3%3Fdistro=trixie

url	pkg:deb/debian/ncompress@5.0-4?distro=trixie
purl	pkg:deb/debian/ncompress@5.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@5.0-4%3Fdistro=trixie

aliases CVE-2006-1168

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cd15-ngyt-93he

url VCID-tt3s-bpne-j3dh

vulnerability_id VCID-tt3s-bpne-j3dh

summary ncompress: insecure tmp file handling may lead to file overwrite

references

reference_url	http://marc.info/?l=bugtraq&m=112689772732098&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=112689772732098&w=2

reference_url	http://marc.info/?l=full-disclosure&m=112688098630314&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=full-disclosure&m=112688098630314&w=2

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2991.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2991.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-2991

reference_id

reference_type

scores

value	0.00092
scoring_system	epss
scoring_elements	0.25862
published_at	2026-04-01T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25926
published_at	2026-04-02T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25968
published_at	2026-04-04T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25734
published_at	2026-04-07T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25806
published_at	2026-04-08T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25857
published_at	2026-04-09T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25868
published_at	2026-04-11T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25827
published_at	2026-04-12T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25771
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-2991

reference_url	http://securityreason.com/securityalert/12
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/12

reference_url	http://www.zataz.net/adviso/ncompress-09052005.txt
reference_id
reference_type
scores
url	http://www.zataz.net/adviso/ncompress-09052005.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023347
reference_id	2023347
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023347

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ncompress:ncompress::::::::
reference_id	cpe:2.3:a:ncompress:ncompress::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ncompress:ncompress::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-2991

reference_id

CVE-2005-2991

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2005-2991

fixed_packages

url	pkg:deb/debian/ncompress@0?distro=trixie
purl	pkg:deb/debian/ncompress@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@0%3Fdistro=trixie

url	pkg:deb/debian/ncompress@4.2.4.6-4?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4.6-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.6-4%3Fdistro=trixie

url	pkg:deb/debian/ncompress@4.2.4.6-6?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4.6-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.6-6%3Fdistro=trixie

url	pkg:deb/debian/ncompress@5.0-3?distro=trixie
purl	pkg:deb/debian/ncompress@5.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@5.0-3%3Fdistro=trixie

url	pkg:deb/debian/ncompress@5.0-4?distro=trixie
purl	pkg:deb/debian/ncompress@5.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@5.0-4%3Fdistro=trixie

aliases CVE-2005-2991

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tt3s-bpne-j3dh

url VCID-vm8g-v83d-mbfm

vulnerability_id VCID-vm8g-v83d-mbfm

summary

This GLSA contains notification of vulnerabilities found in several
    Gentoo packages which have been fixed prior to January 1, 2011. The worst
    of these vulnerabilities could lead to local privilege escalation and
    remote code execution. Please see the package list and CVE identifiers
    below for more information.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0001.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0001.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0001

reference_id

reference_type

scores

value	0.22601
scoring_system	epss
scoring_elements	0.95813
published_at	2026-04-01T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95822
published_at	2026-04-02T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.9583
published_at	2026-04-04T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95832
published_at	2026-04-07T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95841
published_at	2026-04-08T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95845
published_at	2026-04-09T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95848
published_at	2026-04-12T12:55:00Z

value	0.22601
scoring_system	epss
scoring_elements	0.95849
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0001

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=554418
reference_id	554418
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=554418

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566002
reference_id	566002
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566002

reference_url	https://security.gentoo.org/glsa/201412-08
reference_id	GLSA-201412-08
reference_type
scores
url	https://security.gentoo.org/glsa/201412-08

reference_url	https://access.redhat.com/errata/RHSA-2010:0061
reference_id	RHSA-2010:0061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0061

reference_url	https://usn.ubuntu.com/889-1/
reference_id	USN-889-1
reference_type
scores
url	https://usn.ubuntu.com/889-1/

fixed_packages

url	pkg:deb/debian/ncompress@4.2.4.3-1?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.3-1%3Fdistro=trixie

url	pkg:deb/debian/ncompress@4.2.4.6-4?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4.6-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.6-4%3Fdistro=trixie

url	pkg:deb/debian/ncompress@4.2.4.6-6?distro=trixie
purl	pkg:deb/debian/ncompress@4.2.4.6-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.6-6%3Fdistro=trixie

url	pkg:deb/debian/ncompress@5.0-3?distro=trixie
purl	pkg:deb/debian/ncompress@5.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@5.0-3%3Fdistro=trixie

url	pkg:deb/debian/ncompress@5.0-4?distro=trixie
purl	pkg:deb/debian/ncompress@5.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@5.0-4%3Fdistro=trixie

aliases CVE-2010-0001

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vm8g-v83d-mbfm

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ncompress@4.2.4.6-4%3Fdistro=trixie

Package Instance