Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-m3yn-396v-mfa5
Summaryopenjpeg: DoS via memory exhaustion in opj_decompress
Aliases
0
alias CVE-2019-6988
Fixed_packages
0
url pkg:alpm/archlinux/openjpeg2@2.5.0-1
purl pkg:alpm/archlinux/openjpeg2@2.5.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/openjpeg2@2.5.0-1
Affected_packages
0
url pkg:alpm/archlinux/openjpeg2@2.4.0-1
purl pkg:alpm/archlinux/openjpeg2@2.4.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z5a-aa47-dyft
1
vulnerability VCID-2mnk-qxt4-97ga
2
vulnerability VCID-m3yn-396v-mfa5
3
vulnerability VCID-pzv2-p44c-8qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/openjpeg2@2.4.0-1
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6988.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6988.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6988
reference_id
reference_type
scores
0
value 0.00327
scoring_system epss
scoring_elements 0.55553
published_at 2026-04-01T12:55:00Z
1
value 0.00327
scoring_system epss
scoring_elements 0.55735
published_at 2026-04-18T12:55:00Z
2
value 0.00327
scoring_system epss
scoring_elements 0.55709
published_at 2026-04-12T12:55:00Z
3
value 0.00327
scoring_system epss
scoring_elements 0.55692
published_at 2026-04-13T12:55:00Z
4
value 0.00327
scoring_system epss
scoring_elements 0.55731
published_at 2026-04-16T12:55:00Z
5
value 0.00327
scoring_system epss
scoring_elements 0.55664
published_at 2026-04-02T12:55:00Z
6
value 0.00327
scoring_system epss
scoring_elements 0.55687
published_at 2026-04-04T12:55:00Z
7
value 0.00327
scoring_system epss
scoring_elements 0.55665
published_at 2026-04-07T12:55:00Z
8
value 0.00327
scoring_system epss
scoring_elements 0.55717
published_at 2026-04-08T12:55:00Z
9
value 0.00327
scoring_system epss
scoring_elements 0.5572
published_at 2026-04-09T12:55:00Z
10
value 0.00327
scoring_system epss
scoring_elements 0.55729
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6988
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6988
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6988
3
reference_url https://github.com/uclouvain/openjpeg/issues/1178
reference_id
reference_type
scores
url https://github.com/uclouvain/openjpeg/issues/1178
4
reference_url http://www.securityfocus.com/bid/106785
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106785
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1670982
reference_id 1670982
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1670982
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922648
reference_id 922648
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922648
7
reference_url https://security.archlinux.org/AVG-1390
reference_id AVG-1390
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1390
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uclouvain:openjpeg:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:uclouvain:openjpeg:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uclouvain:openjpeg:2.3.0:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6988
reference_id CVE-2019-6988
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-6988
Weaknesses
0
cwe_id 770
name Allocation of Resources Without Limits or Throttling
description The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
Exploits
Severity_range_score3.5 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-m3yn-396v-mfa5