Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid
Typedeb
Namespacedebian
Nametrafficserver
Version9.2.5+ds-0+deb12u1
Qualifiers
distro sid
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version9.2.5+ds-0+deb12u2
Latest_non_vulnerable_version9.2.5+ds-0+deb12u4
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-esap-nkps-cfg9
vulnerability_id VCID-esap-nkps-cfg9
summary Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-35296
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31401
published_at 2026-04-21T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31453
published_at 2026-04-16T12:55:00Z
2
value 0.00123
scoring_system epss
scoring_elements 0.31432
published_at 2026-04-18T12:55:00Z
3
value 0.00123
scoring_system epss
scoring_elements 0.31553
published_at 2026-04-02T12:55:00Z
4
value 0.00123
scoring_system epss
scoring_elements 0.31595
published_at 2026-04-04T12:55:00Z
5
value 0.00123
scoring_system epss
scoring_elements 0.31411
published_at 2026-04-07T12:55:00Z
6
value 0.00123
scoring_system epss
scoring_elements 0.31464
published_at 2026-04-08T12:55:00Z
7
value 0.00123
scoring_system epss
scoring_elements 0.31494
published_at 2026-04-09T12:55:00Z
8
value 0.00123
scoring_system epss
scoring_elements 0.31499
published_at 2026-04-11T12:55:00Z
9
value 0.00123
scoring_system epss
scoring_elements 0.31457
published_at 2026-04-12T12:55:00Z
10
value 0.00123
scoring_system epss
scoring_elements 0.31419
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-35296
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35296
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35296
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141
reference_id 1077141
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141
3
reference_url https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0
reference_id c4mcmpblgl8kkmyt56t23543gp8v56m0
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T14:01:18Z/
url https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0
fixed_packages
0
url pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid
purl pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-kjah-am9e-xkev
7
vulnerability VCID-tevw-8dcp-yfh6
8
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid
1
url pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid
purl pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid
2
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid
3
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid
4
url pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-jabw-thzt-63bb
7
vulnerability VCID-kjah-am9e-xkev
8
vulnerability VCID-rcdg-j23x-xfbn
9
vulnerability VCID-tevw-8dcp-yfh6
10
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid
aliases CVE-2024-35296
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-esap-nkps-cfg9
1
url VCID-jb1b-9gr2-suez
vulnerability_id VCID-jb1b-9gr2-suez
summary Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-35161
reference_id
reference_type
scores
0
value 0.00216
scoring_system epss
scoring_elements 0.44089
published_at 2026-04-02T12:55:00Z
1
value 0.00338
scoring_system epss
scoring_elements 0.56653
published_at 2026-04-21T12:55:00Z
2
value 0.00338
scoring_system epss
scoring_elements 0.56682
published_at 2026-04-16T12:55:00Z
3
value 0.00338
scoring_system epss
scoring_elements 0.56681
published_at 2026-04-18T12:55:00Z
4
value 0.00338
scoring_system epss
scoring_elements 0.56654
published_at 2026-04-04T12:55:00Z
5
value 0.00338
scoring_system epss
scoring_elements 0.56633
published_at 2026-04-07T12:55:00Z
6
value 0.00338
scoring_system epss
scoring_elements 0.56684
published_at 2026-04-08T12:55:00Z
7
value 0.00338
scoring_system epss
scoring_elements 0.56689
published_at 2026-04-09T12:55:00Z
8
value 0.00338
scoring_system epss
scoring_elements 0.56697
published_at 2026-04-11T12:55:00Z
9
value 0.00338
scoring_system epss
scoring_elements 0.56672
published_at 2026-04-12T12:55:00Z
10
value 0.00338
scoring_system epss
scoring_elements 0.56651
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-35161
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35161
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141
reference_id 1077141
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141
3
reference_url https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0
reference_id c4mcmpblgl8kkmyt56t23543gp8v56m0
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-31T17:38:35Z/
url https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0
fixed_packages
0
url pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid
purl pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-kjah-am9e-xkev
7
vulnerability VCID-tevw-8dcp-yfh6
8
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid
1
url pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid
purl pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid
2
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid
3
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid
4
url pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-jabw-thzt-63bb
7
vulnerability VCID-kjah-am9e-xkev
8
vulnerability VCID-rcdg-j23x-xfbn
9
vulnerability VCID-tevw-8dcp-yfh6
10
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid
aliases CVE-2024-35161
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jb1b-9gr2-suez
2
url VCID-rw58-bnwt-2bam
vulnerability_id VCID-rw58-bnwt-2bam
summary Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38522
reference_id
reference_type
scores
0
value 0.00364
scoring_system epss
scoring_elements 0.585
published_at 2026-04-21T12:55:00Z
1
value 0.00364
scoring_system epss
scoring_elements 0.58521
published_at 2026-04-18T12:55:00Z
2
value 0.00364
scoring_system epss
scoring_elements 0.58458
published_at 2026-04-02T12:55:00Z
3
value 0.00364
scoring_system epss
scoring_elements 0.58477
published_at 2026-04-04T12:55:00Z
4
value 0.00364
scoring_system epss
scoring_elements 0.58448
published_at 2026-04-07T12:55:00Z
5
value 0.00364
scoring_system epss
scoring_elements 0.58501
published_at 2026-04-08T12:55:00Z
6
value 0.00364
scoring_system epss
scoring_elements 0.58507
published_at 2026-04-09T12:55:00Z
7
value 0.00364
scoring_system epss
scoring_elements 0.58524
published_at 2026-04-11T12:55:00Z
8
value 0.00364
scoring_system epss
scoring_elements 0.58504
published_at 2026-04-12T12:55:00Z
9
value 0.00364
scoring_system epss
scoring_elements 0.58485
published_at 2026-04-13T12:55:00Z
10
value 0.00364
scoring_system epss
scoring_elements 0.58517
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38522
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38522
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38522
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141
reference_id 1077141
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141
3
reference_url https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0
reference_id c4mcmpblgl8kkmyt56t23543gp8v56m0
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T13:37:29Z/
url https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0
fixed_packages
0
url pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid
purl pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-kjah-am9e-xkev
7
vulnerability VCID-tevw-8dcp-yfh6
8
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid
1
url pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid
purl pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid
2
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid
3
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid
4
url pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-jabw-thzt-63bb
7
vulnerability VCID-kjah-am9e-xkev
8
vulnerability VCID-rcdg-j23x-xfbn
9
vulnerability VCID-tevw-8dcp-yfh6
10
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid
aliases CVE-2023-38522
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rw58-bnwt-2bam
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid