Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/open-iscsi@2.0.874-5?distro=trixie
Typedeb
Namespacedebian
Nameopen-iscsi
Version2.0.874-5
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.1.3-1
Latest_non_vulnerable_version2.1.11-5
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-7ath-xavf-kkfe
vulnerability_id VCID-7ath-xavf-kkfe
summary An issue was discovered in Open-iSCSI through 2.0.875. A local attacker can cause the iscsiuio server to abort or potentially execute code by sending messages with incorrect lengths, which (due to lack of checking) can lead to buffer overflows, and result in aborts (with overflow checking enabled) or code execution. The process_iscsid_broadcast function in iscsiuio/src/unix/iscsid_ipc.c does not validate the payload length before a write operation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17840.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17840.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17840
reference_id
reference_type
scores
0
value 0.00161
scoring_system epss
scoring_elements 0.36703
published_at 2026-06-04T12:55:00Z
1
value 0.00161
scoring_system epss
scoring_elements 0.36742
published_at 2026-06-09T12:55:00Z
2
value 0.00161
scoring_system epss
scoring_elements 0.36768
published_at 2026-06-07T12:55:00Z
3
value 0.00161
scoring_system epss
scoring_elements 0.3673
published_at 2026-06-08T12:55:00Z
4
value 0.00161
scoring_system epss
scoring_elements 0.36796
published_at 2026-06-05T12:55:00Z
5
value 0.00161
scoring_system epss
scoring_elements 0.36803
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17840
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17840
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:P
1
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1529176
reference_id 1529176
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1529176
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885021
reference_id 885021
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885021
fixed_packages
0
url pkg:deb/debian/open-iscsi@2.0.874-5?distro=trixie
purl pkg:deb/debian/open-iscsi@2.0.874-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/open-iscsi@2.0.874-5%3Fdistro=trixie
1
url pkg:deb/debian/open-iscsi@2.1.3-5?distro=trixie
purl pkg:deb/debian/open-iscsi@2.1.3-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/open-iscsi@2.1.3-5%3Fdistro=trixie
2
url pkg:deb/debian/open-iscsi@2.1.8-1?distro=trixie
purl pkg:deb/debian/open-iscsi@2.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/open-iscsi@2.1.8-1%3Fdistro=trixie
3
url pkg:deb/debian/open-iscsi@2.1.11-1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/open-iscsi@2.1.11-1%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/open-iscsi@2.1.11-1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/open-iscsi@2.1.11-5?distro=trixie
purl pkg:deb/debian/open-iscsi@2.1.11-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/open-iscsi@2.1.11-5%3Fdistro=trixie
aliases CVE-2017-17840
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ath-xavf-kkfe
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/open-iscsi@2.0.874-5%3Fdistro=trixie