Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/tfm-rubygem-passenger@4.0.18-23?arch=el7sat
Typerpm
Namespaceredhat
Nametfm-rubygem-passenger
Version4.0.18-23
Qualifiers
arch el7sat
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-3ycr-9smk-uqdc
vulnerability_id VCID-3ycr-9smk-uqdc
summary 
Potential Denial of Service Vulnerability
Carefully crafted requests can cause a `SystemStackError` and potentially cause a denial of service attack.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164173.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164173.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165180.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165180.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-07/msg00040.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-07/msg00040.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2015-07/msg00043.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-07/msg00043.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2015-07/msg00044.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-07/msg00044.html
5
reference_url http://openwall.com/lists/oss-security/2015/06/16/14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2015/06/16/14
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-2290.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-2290.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3225.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3225.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3225
reference_id
reference_type
scores
0
value 0.10456
scoring_system epss
scoring_elements 0.93234
published_at 2026-04-13T12:55:00Z
1
value 0.10456
scoring_system epss
scoring_elements 0.93216
published_at 2026-04-02T12:55:00Z
2
value 0.10456
scoring_system epss
scoring_elements 0.9322
published_at 2026-04-04T12:55:00Z
3
value 0.10456
scoring_system epss
scoring_elements 0.93218
published_at 2026-04-07T12:55:00Z
4
value 0.10456
scoring_system epss
scoring_elements 0.93227
published_at 2026-04-08T12:55:00Z
5
value 0.10456
scoring_system epss
scoring_elements 0.93231
published_at 2026-04-09T12:55:00Z
6
value 0.10456
scoring_system epss
scoring_elements 0.93235
published_at 2026-04-11T12:55:00Z
7
value 0.10456
scoring_system epss
scoring_elements 0.93232
published_at 2026-04-12T12:55:00Z
8
value 0.10456
scoring_system epss
scoring_elements 0.93207
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3225
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225
10
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
11
reference_url https://github.com/rack/rack/blob/master/HISTORY.md
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/blob/master/HISTORY.md
12
reference_url https://github.com/rack/rack/commits/1.4.6
reference_id
reference_type
scores
url https://github.com/rack/rack/commits/1.4.6
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2015-3225.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2015-3225.yml
14
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-3225
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-3225
16
reference_url http://www.debian.org/security/2015/dsa-3322
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3322
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1232292
reference_id 1232292
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1232292
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789311
reference_id 789311
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789311
19
reference_url https://github.com/advisories/GHSA-rgr4-9jh5-j4j6
reference_id GHSA-rgr4-9jh5-j4j6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rgr4-9jh5-j4j6
20
reference_url https://access.redhat.com/errata/RHSA-2015:2290
reference_id RHSA-2015:2290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2290
fixed_packages
aliases CVE-2015-3225, GHSA-rgr4-9jh5-j4j6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ycr-9smk-uqdc
1
url VCID-6xkf-evrx-pyau
vulnerability_id VCID-6xkf-evrx-pyau
summary 
Exposure of Sensitive Information to an Unauthorized Actor
The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182414.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182414.html
1
reference_url http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html
2
reference_url http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2166.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2166.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2166
reference_id
reference_type
scores
0
value 0.00271
scoring_system epss
scoring_elements 0.50599
published_at 2026-04-13T12:55:00Z
1
value 0.00271
scoring_system epss
scoring_elements 0.50504
published_at 2026-04-01T12:55:00Z
2
value 0.00271
scoring_system epss
scoring_elements 0.5056
published_at 2026-04-02T12:55:00Z
3
value 0.00271
scoring_system epss
scoring_elements 0.50588
published_at 2026-04-04T12:55:00Z
4
value 0.00271
scoring_system epss
scoring_elements 0.50541
published_at 2026-04-07T12:55:00Z
5
value 0.00271
scoring_system epss
scoring_elements 0.50596
published_at 2026-04-08T12:55:00Z
6
value 0.00271
scoring_system epss
scoring_elements 0.50593
published_at 2026-04-09T12:55:00Z
7
value 0.00271
scoring_system epss
scoring_elements 0.50635
published_at 2026-04-11T12:55:00Z
8
value 0.00271
scoring_system epss
scoring_elements 0.50613
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2166
5
reference_url https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git%3Bh=a058585
reference_id
reference_type
scores
url https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git%3Bh=a058585
6
reference_url https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=a058585
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=a058585
7
reference_url https://issues.apache.org/jira/browse/PROTON-1157
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/PROTON-1157
8
reference_url https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d@%3Ccommits.qpid.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d@%3Ccommits.qpid.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d%40%3Ccommits.qpid.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d%40%3Ccommits.qpid.apache.org%3E
10
reference_url http://www.securityfocus.com/archive/1/537864/100/0/threaded
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/537864/100/0/threaded
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1320842
reference_id 1320842
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1320842
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:qpid_proton:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:qpid_proton:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:qpid_proton:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2166
reference_id CVE-2016-2166
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2166
15
reference_url https://github.com/advisories/GHSA-f5cf-f7px-xpmh
reference_id GHSA-f5cf-f7px-xpmh
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-f5cf-f7px-xpmh
fixed_packages
aliases CVE-2016-2166, GHSA-f5cf-f7px-xpmh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xkf-evrx-pyau
2
url VCID-va8w-uzhc-x3bz
vulnerability_id VCID-va8w-uzhc-x3bz
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6668.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6668.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6668
reference_id
reference_type
scores
0
value 0.1282
scoring_system epss
scoring_elements 0.93988
published_at 2026-04-01T12:55:00Z
1
value 0.1282
scoring_system epss
scoring_elements 0.93998
published_at 2026-04-02T12:55:00Z
2
value 0.1282
scoring_system epss
scoring_elements 0.94006
published_at 2026-04-04T12:55:00Z
3
value 0.1282
scoring_system epss
scoring_elements 0.94009
published_at 2026-04-07T12:55:00Z
4
value 0.1282
scoring_system epss
scoring_elements 0.94018
published_at 2026-04-08T12:55:00Z
5
value 0.1282
scoring_system epss
scoring_elements 0.94022
published_at 2026-04-09T12:55:00Z
6
value 0.1282
scoring_system epss
scoring_elements 0.94027
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6668
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6653
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6653
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6654
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6654
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6655
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6655
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6656
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6656
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6657
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6657
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6658
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6658
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6659
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6659
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6660
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6660
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6661
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6661
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6663
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6664
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6664
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6665
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6666
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6666
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6667
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6667
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6668
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1700
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1700
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1701
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1702
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1703
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1703
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1704
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1705
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1713
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1713
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1715
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1074737
reference_id 1074737
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1074737
26
reference_url https://security.gentoo.org/glsa/201403-01
reference_id GLSA-201403-01
reference_type
scores
url https://security.gentoo.org/glsa/201403-01
27
reference_url https://access.redhat.com/errata/RHSA-2014:1744
reference_id RHSA-2014:1744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1744
fixed_packages
aliases CVE-2013-6668
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-va8w-uzhc-x3bz
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tfm-rubygem-passenger@4.0.18-23%3Farch=el7sat