Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/dropbear@2025.89-r0?arch=armv7&distroversion=edge&reponame=main
Typeapk
Namespacealpine
Namedropbear
Version2025.89-r0
Qualifiers
arch armv7
distroversion edge
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-enpx-ej3b-n3gh
vulnerability_id VCID-enpx-ej3b-n3gh
summary 
A flaw was found in Dropbear. When running in multi-user mode and authenticating users, the dropbear ssh server does the socket forwardings requested by the remote client as root,
only switching to the logged-in user upon spawning a shell or performing
some operations like reading the user's files.
With the recent ability of also using unix domain sockets as the forwarding destination any user able to log in via ssh can connect to any unix socket with the root's credentials, bypassing both file system restrictions and any SO_PEERCRED / SO_PASSCRED checks performed by the peer.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14282
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03054
published_at 2026-04-18T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03045
published_at 2026-04-16T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.0307
published_at 2026-04-13T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03083
published_at 2026-04-12T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03109
published_at 2026-04-11T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.0315
published_at 2026-04-09T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03125
published_at 2026-04-08T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03121
published_at 2026-04-07T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.0312
published_at 2026-04-04T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03107
published_at 2026-04-02T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.04398
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14282
1
reference_url https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2025q4/002390.html
reference_id 002390.html
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T16:20:24Z/
url https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2025q4/002390.html
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123069
reference_id 1123069
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123069
3
reference_url https://github.com/mkj/dropbear/pull/391
reference_id 391
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T16:20:24Z/
url https://github.com/mkj/dropbear/pull/391
4
reference_url https://github.com/mkj/dropbear/pull/394
reference_id 394
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T16:20:24Z/
url https://github.com/mkj/dropbear/pull/394
5
reference_url https://access.redhat.com/security/cve/CVE-2025-14282
reference_id CVE-2025-14282
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T16:20:24Z/
url https://access.redhat.com/security/cve/CVE-2025-14282
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2420052
reference_id show_bug.cgi?id=2420052
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T16:20:24Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2420052
fixed_packages
0
url pkg:apk/alpine/dropbear@2025.89-r0?arch=armv7&distroversion=edge&reponame=main
purl pkg:apk/alpine/dropbear@2025.89-r0?arch=armv7&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dropbear@2025.89-r0%3Farch=armv7&distroversion=edge&reponame=main
aliases CVE-2025-14282
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-enpx-ej3b-n3gh
1
url VCID-gzmm-8kvw-6qbv
vulnerability_id VCID-gzmm-8kvw-6qbv
summary 
Multiple vulnerabilities have been found in OpenSSH, the worst of
    which could allow a remote attacker to gain unauthorized access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6111.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6111.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6111
reference_id
reference_type
scores
0
value 0.54405
scoring_system epss
scoring_elements 0.98032
published_at 2026-04-18T12:55:00Z
1
value 0.54405
scoring_system epss
scoring_elements 0.98026
published_at 2026-04-13T12:55:00Z
2
value 0.54405
scoring_system epss
scoring_elements 0.98025
published_at 2026-04-12T12:55:00Z
3
value 0.54405
scoring_system epss
scoring_elements 0.98021
published_at 2026-04-09T12:55:00Z
4
value 0.54405
scoring_system epss
scoring_elements 0.9802
published_at 2026-04-08T12:55:00Z
5
value 0.54405
scoring_system epss
scoring_elements 0.98016
published_at 2026-04-07T12:55:00Z
6
value 0.54405
scoring_system epss
scoring_elements 0.98014
published_at 2026-04-04T12:55:00Z
7
value 0.54405
scoring_system epss
scoring_elements 0.98007
published_at 2026-04-01T12:55:00Z
8
value 0.54405
scoring_system epss
scoring_elements 0.98012
published_at 2026-04-02T12:55:00Z
9
value 0.5497
scoring_system epss
scoring_elements 0.98058
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6111
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url http://www.openwall.com/lists/oss-security/2019/04/18/1
reference_id 1
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url http://www.openwall.com/lists/oss-security/2019/04/18/1
7
reference_url http://www.openwall.com/lists/oss-security/2022/08/02/1
reference_id 1
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url http://www.openwall.com/lists/oss-security/2022/08/02/1
8
reference_url http://www.securityfocus.com/bid/106741
reference_id 106741
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url http://www.securityfocus.com/bid/106741
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1666127
reference_id 1666127
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1666127
10
reference_url https://www.exploit-db.com/exploits/46193/
reference_id 46193
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://www.exploit-db.com/exploits/46193/
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923486
reference_id 923486
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923486
12
reference_url https://security.archlinux.org/ASA-201904-11
reference_id ASA-201904-11
reference_type
scores
url https://security.archlinux.org/ASA-201904-11
13
reference_url https://security.archlinux.org/AVG-951
reference_id AVG-951
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-951
14
reference_url https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E
reference_id c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E
reference_id c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E
reference_id d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E
17
reference_url https://www.debian.org/security/2019/dsa-4387
reference_id dsa-4387
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://www.debian.org/security/2019/dsa-4387
18
reference_url https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E
reference_id e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E
19
reference_url https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc
reference_id FreeBSD-EN-19:10.scp.asc
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc
20
reference_url https://security.gentoo.org/glsa/201903-16
reference_id GLSA-201903-16
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://security.gentoo.org/glsa/201903-16
21
reference_url https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html
reference_id msg00030.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html
22
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html
reference_id msg00058.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html
23
reference_url https://security.netapp.com/advisory/ntap-20190213-0001/
reference_id ntap-20190213-0001
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://security.netapp.com/advisory/ntap-20190213-0001/
24
reference_url https://access.redhat.com/errata/RHSA-2019:3702
reference_id RHSA-2019:3702
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://access.redhat.com/errata/RHSA-2019:3702
25
reference_url https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c
reference_id scp.c
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1677794
reference_id show_bug.cgi?id=1677794
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1677794
27
reference_url https://usn.ubuntu.com/3885-1/
reference_id USN-3885-1
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://usn.ubuntu.com/3885-1/
28
reference_url https://usn.ubuntu.com/3885-2/
reference_id USN-3885-2
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://usn.ubuntu.com/3885-2/
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/
reference_id W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/
fixed_packages
0
url pkg:apk/alpine/dropbear@2025.89-r0?arch=armv7&distroversion=edge&reponame=main
purl pkg:apk/alpine/dropbear@2025.89-r0?arch=armv7&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dropbear@2025.89-r0%3Farch=armv7&distroversion=edge&reponame=main
aliases CVE-2019-6111
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gzmm-8kvw-6qbv
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/dropbear@2025.89-r0%3Farch=armv7&distroversion=edge&reponame=main