Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye

Type deb

Namespace debian

Name php7.4

Version 7.4.33-1+deb11u9

Qualifiers

distro	bullseye

Subpath

Is_vulnerable false

Next_non_vulnerable_version 7.4.33-1+deb11u10

Latest_non_vulnerable_version 7.4.33-1+deb11u10

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7qqj-hp6m-z7bh

vulnerability_id VCID-7qqj-hp6m-z7bh

summary php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6491.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6491.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-6491

reference_id

reference_type

scores

value	0.00227
scoring_system	epss
scoring_elements	0.45447
published_at	2026-04-04T12:55:00Z

value	0.00227
scoring_system	epss
scoring_elements	0.45427
published_at	2026-04-02T12:55:00Z

value	0.00227
scoring_system	epss
scoring_elements	0.45392
published_at	2026-04-07T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48576
published_at	2026-04-21T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48573
published_at	2026-04-13T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48623
published_at	2026-04-16T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48618
published_at	2026-04-18T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48569
published_at	2026-04-08T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48566
published_at	2026-04-09T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48587
published_at	2026-04-11T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.4856
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-6491

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6491
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6491

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2378690
reference_id	2378690
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2378690

reference_url

https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x

reference_id

GHSA-453j-q27h-5p8x

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T15:59:51Z/

url

https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x

reference_url	https://access.redhat.com/errata/RHSA-2025:23309
reference_id	RHSA-2025:23309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23309

reference_url	https://access.redhat.com/errata/RHSA-2026:1409
reference_id	RHSA-2026:1409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1409

reference_url	https://access.redhat.com/errata/RHSA-2026:1412
reference_id	RHSA-2026:1412
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1412

reference_url	https://access.redhat.com/errata/RHSA-2026:2470
reference_id	RHSA-2026:2470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2470

reference_url	https://usn.ubuntu.com/7648-1/
reference_id	USN-7648-1
reference_type
scores
url	https://usn.ubuntu.com/7648-1/

reference_url	https://usn.ubuntu.com/7648-2/
reference_id	USN-7648-2
reference_type
scores
url	https://usn.ubuntu.com/7648-2/

fixed_packages

url	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye

url	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
purl	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u9%3Fdistro=bullseye

aliases CVE-2025-6491

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7qqj-hp6m-z7bh

url VCID-fyhr-st6h-eker

vulnerability_id VCID-fyhr-st6h-eker

summary php: PHP Hostname Null Character Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1220.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1220.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1220

reference_id

reference_type

scores

value	0.00037
scoring_system	epss
scoring_elements	0.1132
published_at	2026-04-04T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11261
published_at	2026-04-02T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15356
published_at	2026-04-07T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15785
published_at	2026-04-21T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15809
published_at	2026-04-13T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15732
published_at	2026-04-16T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15741
published_at	2026-04-18T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15877
published_at	2026-04-12T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.1594
published_at	2026-04-09T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15916
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1220

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1220
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1220

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2379792
reference_id	2379792
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2379792

reference_url

https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r

reference_id

GHSA-3cr5-j632-f35r

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T15:58:46Z/

url

https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r

reference_url	https://access.redhat.com/errata/RHSA-2025:23309
reference_id	RHSA-2025:23309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23309

reference_url	https://access.redhat.com/errata/RHSA-2026:1409
reference_id	RHSA-2026:1409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1409

reference_url	https://access.redhat.com/errata/RHSA-2026:1412
reference_id	RHSA-2026:1412
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1412

reference_url	https://access.redhat.com/errata/RHSA-2026:2470
reference_id	RHSA-2026:2470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2470

reference_url	https://usn.ubuntu.com/7648-1/
reference_id	USN-7648-1
reference_type
scores
url	https://usn.ubuntu.com/7648-1/

reference_url	https://usn.ubuntu.com/7648-2/
reference_id	USN-7648-2
reference_type
scores
url	https://usn.ubuntu.com/7648-2/

fixed_packages

url	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye

url	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
purl	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u9%3Fdistro=bullseye

aliases CVE-2025-1220

risk_score 1.9

exploitability 0.5

weighted_severity 3.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyhr-st6h-eker

url VCID-uush-g6k9-9ffm

vulnerability_id VCID-uush-g6k9-9ffm

summary php: pgsql extension does not check for errors during escaping

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1735.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1735.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1735

reference_id

reference_type

scores

value	0.00134
scoring_system	epss
scoring_elements	0.33221
published_at	2026-04-04T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33187
published_at	2026-04-02T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33052
published_at	2026-04-07T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35471
published_at	2026-04-21T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35493
published_at	2026-04-13T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35532
published_at	2026-04-16T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35522
published_at	2026-04-18T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35525
published_at	2026-04-08T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35549
published_at	2026-04-09T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35558
published_at	2026-04-11T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35514
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1735

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2378689
reference_id	2378689
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2378689

reference_url

https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3

reference_id

GHSA-hrwm-9436-5mv3

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T15:58:08Z/

url

https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3

reference_url	https://access.redhat.com/errata/RHSA-2025:23309
reference_id	RHSA-2025:23309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23309

reference_url	https://access.redhat.com/errata/RHSA-2026:1409
reference_id	RHSA-2026:1409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1409

reference_url	https://access.redhat.com/errata/RHSA-2026:1412
reference_id	RHSA-2026:1412
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1412

reference_url	https://access.redhat.com/errata/RHSA-2026:2470
reference_id	RHSA-2026:2470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2470

reference_url	https://usn.ubuntu.com/7648-1/
reference_id	USN-7648-1
reference_type
scores
url	https://usn.ubuntu.com/7648-1/

reference_url	https://usn.ubuntu.com/7648-2/
reference_id	USN-7648-2
reference_type
scores
url	https://usn.ubuntu.com/7648-2/

reference_url	https://usn.ubuntu.com/7648-3/
reference_id	USN-7648-3
reference_type
scores
url	https://usn.ubuntu.com/7648-3/

fixed_packages

url	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye

url	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
purl	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u9%3Fdistro=bullseye

aliases CVE-2025-1735

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uush-g6k9-9ffm

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u9%3Fdistro=bullseye

Package Instance