Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/pdns@4.0.5-r0?arch=s390x&distroversion=v3.23&reponame=community

Type apk

Namespace alpine

Name pdns

Version 4.0.5-r0

Qualifiers

arch	s390x
distroversion	v3.23
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.1.5-r0

Latest_non_vulnerable_version 5.0.4-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-keaf-6ca3-vkbc

vulnerability_id VCID-keaf-6ca3-vkbc

summary An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly keyword. This missing check allows an attacker with valid API credentials to flush the cache, trigger a zone transfer or send a NOTIFY.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15091

reference_id

reference_type

scores

value	3e-05
scoring_system	epss
scoring_elements	0.00069
published_at	2026-04-18T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00071
published_at	2026-04-29T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00072
published_at	2026-04-21T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.0007
published_at	2026-04-04T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00068
published_at	2026-04-16T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00073
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15091

reference_url	https://security.archlinux.org/ASA-201711-30
reference_id	ASA-201711-30
reference_type
scores
url	https://security.archlinux.org/ASA-201711-30

reference_url

https://security.archlinux.org/AVG-519

reference_id

AVG-519

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-519

fixed_packages

url	pkg:apk/alpine/pdns@4.0.5-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/pdns@4.0.5-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pdns@4.0.5-r0%3Farch=s390x&distroversion=v3.23&reponame=community

aliases CVE-2017-15091

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-keaf-6ca3-vkbc

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pdns@4.0.5-r0%3Farch=s390x&distroversion=v3.23&reponame=community

Package Instance