Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/pistache@0?distro=trixie

Type deb

Namespace debian

Name pistache

Version 0

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0.0.5+ds-3

Latest_non_vulnerable_version 0.4.26+ds-3

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-yadt-m3av-nqhs

vulnerability_id VCID-yadt-m3av-nqhs

summary This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26068

reference_id

reference_type

scores

value	0.00381
scoring_system	epss
scoring_elements	0.59807
published_at	2026-06-04T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59858
published_at	2026-06-05T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59861
published_at	2026-06-06T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59852
published_at	2026-06-09T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59833
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26068

fixed_packages

url	pkg:deb/debian/pistache@0?distro=trixie
purl	pkg:deb/debian/pistache@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pistache@0%3Fdistro=trixie

url	pkg:deb/debian/pistache@0.0.5%2Bds-3?distro=trixie
purl	pkg:deb/debian/pistache@0.0.5%2Bds-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pistache@0.0.5%252Bds-3%3Fdistro=trixie

url	pkg:deb/debian/pistache@0.0.5%2Bds-5.1?distro=trixie
purl	pkg:deb/debian/pistache@0.0.5%2Bds-5.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pistache@0.0.5%252Bds-5.1%3Fdistro=trixie

url	pkg:deb/debian/pistache@0.4.26%2Bds-3?distro=trixie
purl	pkg:deb/debian/pistache@0.4.26%2Bds-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pistache@0.4.26%252Bds-3%3Fdistro=trixie

aliases CVE-2022-26068

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yadt-m3av-nqhs

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pistache@0%3Fdistro=trixie

Package Instance