Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid

Type deb

Namespace debian

Name trafficserver

Version 9.1.4+ds-1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 9.2.0+ds-2+deb12u1

Latest_non_vulnerable_version 9.2.5+ds-0+deb12u4

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-41x7-hv4u-byb9

vulnerability_id VCID-41x7-hv4u-byb9

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-32749

reference_id

reference_type

scores

value	0.00921
scoring_system	epss
scoring_elements	0.75944
published_at	2026-04-04T12:55:00Z

value	0.00921
scoring_system	epss
scoring_elements	0.75912
published_at	2026-04-02T12:55:00Z

value	0.01339
scoring_system	epss
scoring_elements	0.80008
published_at	2026-04-09T12:55:00Z

value	0.01339
scoring_system	epss
scoring_elements	0.79971
published_at	2026-04-07T12:55:00Z

value	0.01339
scoring_system	epss
scoring_elements	0.79999
published_at	2026-04-08T12:55:00Z

value	0.01339
scoring_system	epss
scoring_elements	0.80028
published_at	2026-04-11T12:55:00Z

value	0.06551
scoring_system	epss
scoring_elements	0.91164
published_at	2026-04-21T12:55:00Z

value	0.06551
scoring_system	epss
scoring_elements	0.91137
published_at	2026-04-12T12:55:00Z

value	0.06551
scoring_system	epss
scoring_elements	0.91136
published_at	2026-04-13T12:55:00Z

value	0.06551
scoring_system	epss
scoring_elements	0.91161
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-32749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392

reference_url

https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02

reference_id

mrj2lg4s0hf027rk7gz8t7hbn9xpfg02

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:20:46Z/

url

https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02

fixed_packages

url	pkg:deb/debian/trafficserver@8.1.6%2Bds-1~deb11u1?distro=sid
purl	pkg:deb/debian/trafficserver@8.1.6%2Bds-1~deb11u1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.6%252Bds-1~deb11u1%3Fdistro=sid

url pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid

purl pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4738-xk8n-hbac

vulnerability	VCID-4hs3-be7k-9qe7

vulnerability	VCID-4uhe-mtbx-nfdu

vulnerability	VCID-5e1r-3jec-tkhp

vulnerability	VCID-c62p-6ghw-j3dv

vulnerability	VCID-eay7-63um-43e9

vulnerability	VCID-kjah-am9e-xkev

vulnerability	VCID-tevw-8dcp-yfh6

vulnerability	VCID-ww3t-p3pq-gkhy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid

url	pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid
purl	pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.4%252Bds-1%3Fdistro=sid

url	pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
purl	pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid

url pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid

purl pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4738-xk8n-hbac

vulnerability	VCID-4hs3-be7k-9qe7

vulnerability	VCID-4uhe-mtbx-nfdu

vulnerability	VCID-5e1r-3jec-tkhp

vulnerability	VCID-c62p-6ghw-j3dv

vulnerability	VCID-eay7-63um-43e9

vulnerability	VCID-jabw-thzt-63bb

vulnerability	VCID-kjah-am9e-xkev

vulnerability	VCID-rcdg-j23x-xfbn

vulnerability	VCID-tevw-8dcp-yfh6

vulnerability	VCID-ww3t-p3pq-gkhy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid

aliases CVE-2022-32749

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-41x7-hv4u-byb9

url VCID-73aa-rk27-tye1

vulnerability_id VCID-73aa-rk27-tye1

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-37392

reference_id

reference_type

scores

value	0.00456
scoring_system	epss
scoring_elements	0.63882
published_at	2026-04-04T12:55:00Z

value	0.00456
scoring_system	epss
scoring_elements	0.63855
published_at	2026-04-02T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69892
published_at	2026-04-09T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69828
published_at	2026-04-07T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69876
published_at	2026-04-08T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69914
published_at	2026-04-11T12:55:00Z

value	0.03006
scoring_system	epss
scoring_elements	0.86581
published_at	2026-04-13T12:55:00Z

value	0.03006
scoring_system	epss
scoring_elements	0.86592
published_at	2026-04-21T12:55:00Z

value	0.03006
scoring_system	epss
scoring_elements	0.86588
published_at	2026-04-12T12:55:00Z

value	0.03006
scoring_system	epss
scoring_elements	0.86594
published_at	2026-04-16T12:55:00Z

value	0.03006
scoring_system	epss
scoring_elements	0.86599
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-37392

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392

reference_url

https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02

reference_id

mrj2lg4s0hf027rk7gz8t7hbn9xpfg02

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:20:03Z/

url

https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02

fixed_packages

url	pkg:deb/debian/trafficserver@8.1.6%2Bds-1~deb11u1?distro=sid
purl	pkg:deb/debian/trafficserver@8.1.6%2Bds-1~deb11u1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.6%252Bds-1~deb11u1%3Fdistro=sid

url pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid

purl pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4738-xk8n-hbac

vulnerability	VCID-4hs3-be7k-9qe7

vulnerability	VCID-4uhe-mtbx-nfdu

vulnerability	VCID-5e1r-3jec-tkhp

vulnerability	VCID-c62p-6ghw-j3dv

vulnerability	VCID-eay7-63um-43e9

vulnerability	VCID-kjah-am9e-xkev

vulnerability	VCID-tevw-8dcp-yfh6

vulnerability	VCID-ww3t-p3pq-gkhy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid

url	pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid
purl	pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.4%252Bds-1%3Fdistro=sid

url	pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
purl	pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid

url pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid

purl pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4738-xk8n-hbac

vulnerability	VCID-4hs3-be7k-9qe7

vulnerability	VCID-4uhe-mtbx-nfdu

vulnerability	VCID-5e1r-3jec-tkhp

vulnerability	VCID-c62p-6ghw-j3dv

vulnerability	VCID-eay7-63um-43e9

vulnerability	VCID-jabw-thzt-63bb

vulnerability	VCID-kjah-am9e-xkev

vulnerability	VCID-rcdg-j23x-xfbn

vulnerability	VCID-tevw-8dcp-yfh6

vulnerability	VCID-ww3t-p3pq-gkhy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid

aliases CVE-2022-37392

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73aa-rk27-tye1

url VCID-fvbh-59fu-cfb6

vulnerability_id VCID-fvbh-59fu-cfb6

summary Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-40743

reference_id

reference_type

scores

value	0.08233
scoring_system	epss
scoring_elements	0.92233
published_at	2026-04-21T12:55:00Z

value	0.08233
scoring_system	epss
scoring_elements	0.92231
published_at	2026-04-18T12:55:00Z

value	0.08233
scoring_system	epss
scoring_elements	0.92193
published_at	2026-04-02T12:55:00Z

value	0.08233
scoring_system	epss
scoring_elements	0.92199
published_at	2026-04-04T12:55:00Z

value	0.08233
scoring_system	epss
scoring_elements	0.92202
published_at	2026-04-07T12:55:00Z

value	0.08233
scoring_system	epss
scoring_elements	0.92213
published_at	2026-04-08T12:55:00Z

value	0.08233
scoring_system	epss
scoring_elements	0.92217
published_at	2026-04-09T12:55:00Z

value	0.08233
scoring_system	epss
scoring_elements	0.92222
published_at	2026-04-11T12:55:00Z

value	0.08233
scoring_system	epss
scoring_elements	0.92223
published_at	2026-04-12T12:55:00Z

value	0.08233
scoring_system	epss
scoring_elements	0.9222
published_at	2026-04-13T12:55:00Z

value	0.08233
scoring_system	epss
scoring_elements	0.92232
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-40743

reference_url

https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02

reference_id

mrj2lg4s0hf027rk7gz8t7hbn9xpfg02

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:19:23Z/

url

https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02

fixed_packages

url	pkg:deb/debian/trafficserver@0?distro=sid
purl	pkg:deb/debian/trafficserver@0?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid

url pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid

purl pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4738-xk8n-hbac

vulnerability	VCID-4hs3-be7k-9qe7

vulnerability	VCID-4uhe-mtbx-nfdu

vulnerability	VCID-5e1r-3jec-tkhp

vulnerability	VCID-c62p-6ghw-j3dv

vulnerability	VCID-eay7-63um-43e9

vulnerability	VCID-kjah-am9e-xkev

vulnerability	VCID-tevw-8dcp-yfh6

vulnerability	VCID-ww3t-p3pq-gkhy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid

url	pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid
purl	pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.4%252Bds-1%3Fdistro=sid

url	pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
purl	pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid

url pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid

purl pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4738-xk8n-hbac

vulnerability	VCID-4hs3-be7k-9qe7

vulnerability	VCID-4uhe-mtbx-nfdu

vulnerability	VCID-5e1r-3jec-tkhp

vulnerability	VCID-c62p-6ghw-j3dv

vulnerability	VCID-eay7-63um-43e9

vulnerability	VCID-jabw-thzt-63bb

vulnerability	VCID-kjah-am9e-xkev

vulnerability	VCID-rcdg-j23x-xfbn

vulnerability	VCID-tevw-8dcp-yfh6

vulnerability	VCID-ww3t-p3pq-gkhy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid

aliases CVE-2022-40743

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fvbh-59fu-cfb6

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.4%252Bds-1%3Fdistro=sid

Package Instance