Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/redmine@5.0.4-1?distro=trixie
Typedeb
Namespacedebian
Nameredmine
Version5.0.4-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.0.4-5+deb12u1
Latest_non_vulnerable_version6.0.6+ds-6
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-5j9e-c844-zuh1
vulnerability_id VCID-5j9e-c844-zuh1
summary Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-44030
reference_id
reference_type
scores
0
value 0.0035
scoring_system epss
scoring_elements 0.5748
published_at 2026-04-21T12:55:00Z
1
value 0.0035
scoring_system epss
scoring_elements 0.57478
published_at 2026-04-13T12:55:00Z
2
value 0.0035
scoring_system epss
scoring_elements 0.57505
published_at 2026-04-16T12:55:00Z
3
value 0.0035
scoring_system epss
scoring_elements 0.57501
published_at 2026-04-18T12:55:00Z
4
value 0.0035
scoring_system epss
scoring_elements 0.57448
published_at 2026-04-02T12:55:00Z
5
value 0.0035
scoring_system epss
scoring_elements 0.57471
published_at 2026-04-04T12:55:00Z
6
value 0.0035
scoring_system epss
scoring_elements 0.57447
published_at 2026-04-07T12:55:00Z
7
value 0.0035
scoring_system epss
scoring_elements 0.575
published_at 2026-04-08T12:55:00Z
8
value 0.0035
scoring_system epss
scoring_elements 0.57504
published_at 2026-04-09T12:55:00Z
9
value 0.0035
scoring_system epss
scoring_elements 0.57519
published_at 2026-04-11T12:55:00Z
10
value 0.0035
scoring_system epss
scoring_elements 0.57497
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-44030
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026048
reference_id 1026048
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026048
2
reference_url https://www.redmine.org/news/139
reference_id 139
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T16:15:17Z/
url https://www.redmine.org/news/139
fixed_packages
0
url pkg:deb/debian/redmine@5.0.4-1?distro=trixie
purl pkg:deb/debian/redmine@5.0.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@5.0.4-1%3Fdistro=trixie
1
url pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@5.0.4-5%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
purl pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.5%252Bds-1%3Fdistro=trixie
3
url pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
purl pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.6%252Bds-6%3Fdistro=trixie
aliases CVE-2022-44030
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5j9e-c844-zuh1
1
url VCID-8trg-1f24-mff1
vulnerability_id VCID-8trg-1f24-mff1
summary Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-44031
reference_id
reference_type
scores
0
value 0.00669
scoring_system epss
scoring_elements 0.71334
published_at 2026-04-21T12:55:00Z
1
value 0.00669
scoring_system epss
scoring_elements 0.71355
published_at 2026-04-18T12:55:00Z
2
value 0.00669
scoring_system epss
scoring_elements 0.71265
published_at 2026-04-02T12:55:00Z
3
value 0.00669
scoring_system epss
scoring_elements 0.71283
published_at 2026-04-04T12:55:00Z
4
value 0.00669
scoring_system epss
scoring_elements 0.71258
published_at 2026-04-07T12:55:00Z
5
value 0.00669
scoring_system epss
scoring_elements 0.71299
published_at 2026-04-08T12:55:00Z
6
value 0.00669
scoring_system epss
scoring_elements 0.71313
published_at 2026-04-09T12:55:00Z
7
value 0.00669
scoring_system epss
scoring_elements 0.71335
published_at 2026-04-11T12:55:00Z
8
value 0.00669
scoring_system epss
scoring_elements 0.7132
published_at 2026-04-12T12:55:00Z
9
value 0.00669
scoring_system epss
scoring_elements 0.71304
published_at 2026-04-13T12:55:00Z
10
value 0.00669
scoring_system epss
scoring_elements 0.7135
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-44031
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026048
reference_id 1026048
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026048
fixed_packages
0
url pkg:deb/debian/redmine@5.0.4-1?distro=trixie
purl pkg:deb/debian/redmine@5.0.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@5.0.4-1%3Fdistro=trixie
1
url pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@5.0.4-5%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
purl pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.5%252Bds-1%3Fdistro=trixie
3
url pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
purl pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.6%252Bds-6%3Fdistro=trixie
aliases CVE-2022-44031
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8trg-1f24-mff1
2
url VCID-kmja-ehjr-e3cx
vulnerability_id VCID-kmja-ehjr-e3cx
summary Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-44637
reference_id
reference_type
scores
0
value 0.00669
scoring_system epss
scoring_elements 0.71334
published_at 2026-04-21T12:55:00Z
1
value 0.00669
scoring_system epss
scoring_elements 0.71355
published_at 2026-04-18T12:55:00Z
2
value 0.00669
scoring_system epss
scoring_elements 0.71265
published_at 2026-04-02T12:55:00Z
3
value 0.00669
scoring_system epss
scoring_elements 0.71283
published_at 2026-04-04T12:55:00Z
4
value 0.00669
scoring_system epss
scoring_elements 0.71258
published_at 2026-04-07T12:55:00Z
5
value 0.00669
scoring_system epss
scoring_elements 0.71299
published_at 2026-04-08T12:55:00Z
6
value 0.00669
scoring_system epss
scoring_elements 0.71313
published_at 2026-04-09T12:55:00Z
7
value 0.00669
scoring_system epss
scoring_elements 0.71335
published_at 2026-04-11T12:55:00Z
8
value 0.00669
scoring_system epss
scoring_elements 0.7132
published_at 2026-04-12T12:55:00Z
9
value 0.00669
scoring_system epss
scoring_elements 0.71304
published_at 2026-04-13T12:55:00Z
10
value 0.00669
scoring_system epss
scoring_elements 0.7135
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-44637
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026048
reference_id 1026048
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026048
fixed_packages
0
url pkg:deb/debian/redmine@5.0.4-1?distro=trixie
purl pkg:deb/debian/redmine@5.0.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@5.0.4-1%3Fdistro=trixie
1
url pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@5.0.4-5%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
purl pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.5%252Bds-1%3Fdistro=trixie
3
url pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
purl pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.6%252Bds-6%3Fdistro=trixie
aliases CVE-2022-44637
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kmja-ehjr-e3cx
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@5.0.4-1%3Fdistro=trixie