Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/haproxy@2.4.7-2.el9_0?arch=2

Type rpm

Namespace redhat

Name haproxy

Version 2.4.7-2.el9_0

Qualifiers

arch	2

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-bb8w-k2e1-xbht

vulnerability_id

VCID-bb8w-k2e1-xbht

summary

haproxy: request smuggling attack in HTTP/1 header parsing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25725.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25725.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25725

reference_id

reference_type

scores

value	0.20036
scoring_system	epss
scoring_elements	0.95486
published_at	2026-04-18T12:55:00Z

value	0.29937
scoring_system	epss
scoring_elements	0.96629
published_at	2026-04-04T12:55:00Z

value	0.29937
scoring_system	epss
scoring_elements	0.96623
published_at	2026-04-02T12:55:00Z

value	0.29937
scoring_system	epss
scoring_elements	0.96654
published_at	2026-04-16T12:55:00Z

value	0.29937
scoring_system	epss
scoring_elements	0.96647
published_at	2026-04-13T12:55:00Z

value	0.29937
scoring_system	epss
scoring_elements	0.96645
published_at	2026-04-12T12:55:00Z

value	0.29937
scoring_system	epss
scoring_elements	0.96644
published_at	2026-04-11T12:55:00Z

value	0.29937
scoring_system	epss
scoring_elements	0.96642
published_at	2026-04-09T12:55:00Z

value	0.29937
scoring_system	epss
scoring_elements	0.9664
published_at	2026-04-08T12:55:00Z

value	0.29937
scoring_system	epss
scoring_elements	0.96632
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25725

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0056

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25725
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25725

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2169089
reference_id	2169089
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2169089

reference_url

https://www.debian.org/security/2023/dsa-5348

reference_id

dsa-5348

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/

url

https://www.debian.org/security/2023/dsa-5348

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU/

reference_id

FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG/

reference_id

JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG/

reference_url

https://lists.debian.org/debian-lts-announce/2023/02/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/

url

https://lists.debian.org/debian-lts-announce/2023/02/msg00012.html

reference_url

https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112

reference_id

?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/

url

https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112

reference_url	https://access.redhat.com/errata/RHSA-2023:1268
reference_id	RHSA-2023:1268
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1268

reference_url	https://access.redhat.com/errata/RHSA-2023:1325
reference_id	RHSA-2023:1325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1325

reference_url	https://access.redhat.com/errata/RHSA-2023:1655
reference_id	RHSA-2023:1655
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1655

reference_url	https://access.redhat.com/errata/RHSA-2023:1696
reference_id	RHSA-2023:1696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1696

reference_url	https://access.redhat.com/errata/RHSA-2023:1978
reference_id	RHSA-2023:1978
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1978

reference_url	https://access.redhat.com/errata/RHSA-2024:0746
reference_id	RHSA-2024:0746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0746

reference_url	https://usn.ubuntu.com/5869-1/
reference_id	USN-5869-1
reference_type
scores
url	https://usn.ubuntu.com/5869-1/

reference_url	https://usn.ubuntu.com/7135-1/
reference_id	USN-7135-1
reference_type
scores
url	https://usn.ubuntu.com/7135-1/

reference_url

https://www.haproxy.org/

reference_id

www.haproxy.org

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/

url

https://www.haproxy.org/

fixed_packages

aliases

CVE-2023-25725

risk_score

4.1

exploitability

0.5

weighted_severity

8.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-bb8w-k2e1-xbht

url

VCID-w1we-d8uq-s3hh

vulnerability_id

VCID-w1we-d8uq-s3hh

summary

haproxy: segfault DoS

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0056.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0056.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-0056

reference_id

reference_type

scores

value	0.00166
scoring_system	epss
scoring_elements	0.37615
published_at	2026-04-07T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37711
published_at	2026-04-02T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37736
published_at	2026-04-04T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37666
published_at	2026-04-08T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.3768
published_at	2026-04-09T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41226
published_at	2026-04-16T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41229
published_at	2026-04-11T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41197
published_at	2026-04-18T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41183
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-0056

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0056

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25725
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25725

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2160808
reference_id	2160808
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2160808

reference_url

https://access.redhat.com/security/cve/CVE-2023-0056

reference_id

CVE-2023-0056

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T19:35:23Z/

url

https://access.redhat.com/security/cve/CVE-2023-0056

reference_url	https://access.redhat.com/errata/RHSA-2023:0727
reference_id	RHSA-2023:0727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0727

reference_url	https://access.redhat.com/errata/RHSA-2023:1325
reference_id	RHSA-2023:1325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1325

reference_url	https://access.redhat.com/errata/RHSA-2023:1696
reference_id	RHSA-2023:1696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1696

reference_url	https://access.redhat.com/errata/RHSA-2023:1978
reference_id	RHSA-2023:1978
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1978

reference_url	https://access.redhat.com/errata/RHSA-2024:0746
reference_id	RHSA-2024:0746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0746

reference_url	https://usn.ubuntu.com/5819-1/
reference_id	USN-5819-1
reference_type
scores
url	https://usn.ubuntu.com/5819-1/

fixed_packages

aliases

CVE-2023-0056

risk_score

3.0

exploitability

0.5

weighted_severity

5.9

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-w1we-d8uq-s3hh

Fixing_vulnerabilities

Risk_score 4.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/haproxy@2.4.7-2.el9_0%3Farch=2

Package Instance