Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/rar@0?distro=trixie
Typedeb
Namespacedebian
Namerar
Version0
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1:3.7b1-1
Latest_non_vulnerable_version2:7.20-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-m2ca-cwwa-mqcc
vulnerability_id VCID-m2ca-cwwa-mqcc
summary 
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6218
reference_id
reference_type
scores
0
value 0.04756
scoring_system epss
scoring_elements 0.89442
published_at 2026-04-09T12:55:00Z
1
value 0.04756
scoring_system epss
scoring_elements 0.89459
published_at 2026-04-16T12:55:00Z
2
value 0.04756
scoring_system epss
scoring_elements 0.89444
published_at 2026-04-13T12:55:00Z
3
value 0.04756
scoring_system epss
scoring_elements 0.89448
published_at 2026-04-12T12:55:00Z
4
value 0.04756
scoring_system epss
scoring_elements 0.8945
published_at 2026-04-11T12:55:00Z
5
value 0.04756
scoring_system epss
scoring_elements 0.8942
published_at 2026-04-04T12:55:00Z
6
value 0.04756
scoring_system epss
scoring_elements 0.89422
published_at 2026-04-07T12:55:00Z
7
value 0.04756
scoring_system epss
scoring_elements 0.89438
published_at 2026-04-08T12:55:00Z
8
value 0.0527
scoring_system epss
scoring_elements 0.89958
published_at 2026-04-02T12:55:00Z
9
value 0.06169
scoring_system epss
scoring_elements 0.90858
published_at 2026-04-18T12:55:00Z
10
value 0.06169
scoring_system epss
scoring_elements 0.90857
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6218
1
reference_url https://www.win-rar.com/singlenewsview.html?&tx_ttnews%5Btt_news%5D=276&cHash=388885bd3908a40726f535c026f94eb6
reference_id singlenewsview.html?&tx_ttnews%5Btt_news%5D=276&cHash=388885bd3908a40726f535c026f94eb6
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-12-10T04:57:14Z/
url https://www.win-rar.com/singlenewsview.html?&tx_ttnews%5Btt_news%5D=276&cHash=388885bd3908a40726f535c026f94eb6
2
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-409/
reference_id ZDI-25-409
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-12-10T04:57:14Z/
url https://www.zerodayinitiative.com/advisories/ZDI-25-409/
fixed_packages
0
url pkg:deb/debian/rar@0?distro=trixie
purl pkg:deb/debian/rar@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rar@0%3Fdistro=trixie
1
url pkg:deb/debian/rar@2:6.23-1~deb11u1?distro=trixie
purl pkg:deb/debian/rar@2:6.23-1~deb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rar@2:6.23-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/rar@2:7.01-1~deb12u1?distro=trixie
purl pkg:deb/debian/rar@2:7.01-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rar@2:7.01-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/rar@2:7.11-1?distro=trixie
purl pkg:deb/debian/rar@2:7.11-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rar@2:7.11-1%3Fdistro=trixie
4
url pkg:deb/debian/rar@2:7.20-1?distro=trixie
purl pkg:deb/debian/rar@2:7.20-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rar@2:7.20-1%3Fdistro=trixie
aliases CVE-2025-6218
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2ca-cwwa-mqcc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/rar@0%3Fdistro=trixie