Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/freetype@2.12.1-r0?arch=armhf&distroversion=v3.16&reponame=main

Type apk

Namespace alpine

Name freetype

Version 2.12.1-r0

Qualifiers

arch	armhf
distroversion	v3.16
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1w63-ynmk-eya3

vulnerability_id VCID-1w63-ynmk-eya3

summary FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27405.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27405.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-27405

reference_id

reference_type

scores

value	0.00092
scoring_system	epss
scoring_elements	0.25797
published_at	2026-06-04T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25899
published_at	2026-06-05T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25891
published_at	2026-06-06T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25846
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-27405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010183
reference_id	1010183
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010183

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2077991
reference_id	2077991
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2077991

reference_url	https://security.gentoo.org/glsa/202402-06
reference_id	GLSA-202402-06
reference_type
scores
url	https://security.gentoo.org/glsa/202402-06

reference_url	https://access.redhat.com/errata/RHSA-2022:7745
reference_id	RHSA-2022:7745
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7745

reference_url	https://access.redhat.com/errata/RHSA-2022:8340
reference_id	RHSA-2022:8340
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8340

reference_url	https://access.redhat.com/errata/RHSA-2024:0420
reference_id	RHSA-2024:0420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0420

reference_url	https://usn.ubuntu.com/5528-1/
reference_id	USN-5528-1
reference_type
scores
url	https://usn.ubuntu.com/5528-1/

fixed_packages

url	pkg:apk/alpine/freetype@2.12.1-r0?arch=armhf&distroversion=v3.16&reponame=main
purl	pkg:apk/alpine/freetype@2.12.1-r0?arch=armhf&distroversion=v3.16&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/freetype@2.12.1-r0%3Farch=armhf&distroversion=v3.16&reponame=main

aliases CVE-2022-27405

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1w63-ynmk-eya3

url VCID-4yvt-rk2z-2bb9

vulnerability_id VCID-4yvt-rk2z-2bb9

summary FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27404.json

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27404.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-27404

reference_id

reference_type

scores

value	0.00124
scoring_system	epss
scoring_elements	0.31066
published_at	2026-06-04T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31131
published_at	2026-06-05T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31098
published_at	2026-06-06T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31063
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-27404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010183
reference_id	1010183
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010183

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2077989
reference_id	2077989
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2077989

reference_url	https://security.gentoo.org/glsa/202402-06
reference_id	GLSA-202402-06
reference_type
scores
url	https://security.gentoo.org/glsa/202402-06

reference_url	https://access.redhat.com/errata/RHSA-2022:7745
reference_id	RHSA-2022:7745
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7745

reference_url	https://access.redhat.com/errata/RHSA-2022:8340
reference_id	RHSA-2022:8340
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8340

reference_url	https://access.redhat.com/errata/RHSA-2024:0420
reference_id	RHSA-2024:0420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0420

reference_url	https://usn.ubuntu.com/5528-1/
reference_id	USN-5528-1
reference_type
scores
url	https://usn.ubuntu.com/5528-1/

fixed_packages

url	pkg:apk/alpine/freetype@2.12.1-r0?arch=armhf&distroversion=v3.16&reponame=main
purl	pkg:apk/alpine/freetype@2.12.1-r0?arch=armhf&distroversion=v3.16&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/freetype@2.12.1-r0%3Farch=armhf&distroversion=v3.16&reponame=main

aliases CVE-2022-27404

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvt-rk2z-2bb9

url VCID-c5e7-yx9x-hygd

vulnerability_id VCID-c5e7-yx9x-hygd

summary FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27406.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27406.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-27406

reference_id

reference_type

scores

value	0.00152
scoring_system	epss
scoring_elements	0.35529
published_at	2026-06-04T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35624
published_at	2026-06-05T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35636
published_at	2026-06-06T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35599
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-27406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010183
reference_id	1010183
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010183

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2077985
reference_id	2077985
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2077985

reference_url	https://security.gentoo.org/glsa/202402-06
reference_id	GLSA-202402-06
reference_type
scores
url	https://security.gentoo.org/glsa/202402-06

reference_url	https://access.redhat.com/errata/RHSA-2022:7745
reference_id	RHSA-2022:7745
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7745

reference_url	https://access.redhat.com/errata/RHSA-2022:8340
reference_id	RHSA-2022:8340
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8340

reference_url	https://access.redhat.com/errata/RHSA-2024:0420
reference_id	RHSA-2024:0420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0420

reference_url	https://usn.ubuntu.com/5453-1/
reference_id	USN-5453-1
reference_type
scores
url	https://usn.ubuntu.com/5453-1/

reference_url	https://usn.ubuntu.com/5528-1/
reference_id	USN-5528-1
reference_type
scores
url	https://usn.ubuntu.com/5528-1/

reference_url	https://usn.ubuntu.com/7352-2/
reference_id	USN-7352-2
reference_type
scores
url	https://usn.ubuntu.com/7352-2/

fixed_packages

url	pkg:apk/alpine/freetype@2.12.1-r0?arch=armhf&distroversion=v3.16&reponame=main
purl	pkg:apk/alpine/freetype@2.12.1-r0?arch=armhf&distroversion=v3.16&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/freetype@2.12.1-r0%3Farch=armhf&distroversion=v3.16&reponame=main

aliases CVE-2022-27406

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c5e7-yx9x-hygd

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/freetype@2.12.1-r0%3Farch=armhf&distroversion=v3.16&reponame=main

Package Instance