Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/policycoreutils@3.9-2?distro=trixie

Type deb

Namespace debian

Name policycoreutils

Version 3.9-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 3.10-1

Latest_non_vulnerable_version 3.10-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-4d98-3nv9-bbd7

vulnerability_id VCID-4d98-3nv9-bbd7

summary policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1063.json

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1063.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1063

reference_id

reference_type

scores

value	0.00117
scoring_system	epss
scoring_elements	0.30595
published_at	2026-04-07T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30731
published_at	2026-04-02T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.3078
published_at	2026-04-04T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30653
published_at	2026-04-08T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30686
published_at	2026-04-09T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.3069
published_at	2026-04-11T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30646
published_at	2026-04-12T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.306
published_at	2026-04-13T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30626
published_at	2026-04-16T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30609
published_at	2026-04-18T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30574
published_at	2026-04-21T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30395
published_at	2026-04-24T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30281
published_at	2026-04-26T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30201
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1063

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1063
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1063

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1550122
reference_id	1550122
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1550122

reference_url	https://access.redhat.com/errata/RHSA-2018:0913
reference_id	RHSA-2018:0913
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0913

fixed_packages

url	pkg:deb/debian/policycoreutils@2.7-1?distro=trixie
purl	pkg:deb/debian/policycoreutils@2.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@2.7-1%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.1-3?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.1-3%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.4-1?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.4-1%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.8.1-2?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.8.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.8.1-2%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.9-2?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.9-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.9-2%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.10-1?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.10-1%3Fdistro=trixie

aliases CVE-2018-1063

risk_score 1.8

exploitability 0.5

weighted_severity 3.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4d98-3nv9-bbd7

url VCID-e1e8-5dvg-tqgf

vulnerability_id VCID-e1e8-5dvg-tqgf

summary

A vulnerability in policycoreutils could lead to local privilege
    escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3215.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3215.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3215

reference_id

reference_type

scores

value	0.0007
scoring_system	epss
scoring_elements	0.21466
published_at	2026-04-01T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21635
published_at	2026-04-02T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21692
published_at	2026-04-04T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21446
published_at	2026-04-07T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21523
published_at	2026-04-08T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21582
published_at	2026-04-09T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21594
published_at	2026-04-11T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21556
published_at	2026-04-12T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21499
published_at	2026-04-13T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21496
published_at	2026-04-16T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21503
published_at	2026-04-18T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21471
published_at	2026-04-21T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21323
published_at	2026-04-24T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21322
published_at	2026-04-26T12:55:00Z

value	0.0007
scoring_system	epss
scoring_elements	0.21301
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3215

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1095855
reference_id	1095855
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1095855

reference_url	https://security.gentoo.org/glsa/201412-44
reference_id	GLSA-201412-44
reference_type
scores
url	https://security.gentoo.org/glsa/201412-44

reference_url	https://access.redhat.com/errata/RHSA-2015:0864
reference_id	RHSA-2015:0864
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0864

fixed_packages

url	pkg:deb/debian/policycoreutils@0?distro=trixie
purl	pkg:deb/debian/policycoreutils@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@0%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.1-3?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.1-3%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.4-1?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.4-1%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.8.1-2?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.8.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.8.1-2%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.9-2?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.9-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.9-2%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.10-1?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.10-1%3Fdistro=trixie

aliases CVE-2014-3215

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e1e8-5dvg-tqgf

url VCID-vxgp-zab4-2kdm

vulnerability_id VCID-vxgp-zab4-2kdm

summary policycoreutils: SELinux sandbox escape via TIOCSTI ioctl

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7545.json

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7545.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-7545

reference_id

reference_type

scores

value	0.00072
scoring_system	epss
scoring_elements	0.21791
published_at	2026-04-01T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21956
published_at	2026-04-02T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22009
published_at	2026-04-04T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21775
published_at	2026-04-07T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21851
published_at	2026-04-08T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21907
published_at	2026-04-09T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21919
published_at	2026-04-11T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21879
published_at	2026-04-12T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21822
published_at	2026-04-13T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21824
published_at	2026-04-16T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.2183
published_at	2026-04-18T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21794
published_at	2026-04-21T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21646
published_at	2026-04-24T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.2164
published_at	2026-04-26T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.2163
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-7545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7545

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:C/I:C/A:C

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1378577
reference_id	1378577
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1378577

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838599
reference_id	838599
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838599

reference_url	https://access.redhat.com/errata/RHSA-2016:2702
reference_id	RHSA-2016:2702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2702

reference_url	https://access.redhat.com/errata/RHSA-2017:0535
reference_id	RHSA-2017:0535
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0535

reference_url	https://access.redhat.com/errata/RHSA-2017:0536
reference_id	RHSA-2017:0536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0536

fixed_packages

url	pkg:deb/debian/policycoreutils@2.5-3?distro=trixie
purl	pkg:deb/debian/policycoreutils@2.5-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@2.5-3%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.1-3?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.1-3%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.4-1?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.4-1%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.8.1-2?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.8.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.8.1-2%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.9-2?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.9-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.9-2%3Fdistro=trixie

url	pkg:deb/debian/policycoreutils@3.10-1?distro=trixie
purl	pkg:deb/debian/policycoreutils@3.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.10-1%3Fdistro=trixie

aliases CVE-2016-7545

risk_score 3.9

exploitability 0.5

weighted_severity 7.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vxgp-zab4-2kdm

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/policycoreutils@3.9-2%3Fdistro=trixie

Package Instance