Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/redmine@1.3.2%2Bdfsg1-1?distro=trixie
Typedeb
Namespacedebian
Nameredmine
Version1.3.2+dfsg1-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.5.1-1
Latest_non_vulnerable_version6.0.6+ds-6
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3d2c-ymam-fydw
vulnerability_id VCID-3d2c-ymam-fydw
summary Redmine before 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set attributes in the (1) Comment, (2) Document, (3) IssueCategory, (4) MembersController, (5) Message, (6) News, (7) TimeEntry, (8) Version, (9) Wiki, (10) UserPreference, or (11) Board model via a modified URL, related to a "mass assignment" vulnerability, a different vulnerability than CVE-2012-0327.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2054
reference_id
reference_type
scores
0
value 0.00274
scoring_system epss
scoring_elements 0.51044
published_at 2026-06-04T12:55:00Z
1
value 0.00274
scoring_system epss
scoring_elements 0.51106
published_at 2026-06-05T12:55:00Z
2
value 0.00274
scoring_system epss
scoring_elements 0.51111
published_at 2026-06-06T12:55:00Z
3
value 0.00274
scoring_system epss
scoring_elements 0.51089
published_at 2026-06-07T12:55:00Z
4
value 0.00274
scoring_system epss
scoring_elements 0.5106
published_at 2026-06-08T12:55:00Z
5
value 0.00274
scoring_system epss
scoring_elements 0.51079
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2054
fixed_packages
0
url pkg:deb/debian/redmine@1.3.2%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/redmine@1.3.2%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@1.3.2%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@5.0.4-5%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
purl pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.5%252Bds-1%3Fdistro=trixie
3
url pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
purl pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.6%252Bds-6%3Fdistro=trixie
aliases CVE-2012-2054
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3d2c-ymam-fydw
1
url VCID-dq17-zm5y-quf7
vulnerability_id VCID-dq17-zm5y-quf7
summary Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0327
reference_id
reference_type
scores
0
value 0.00359
scoring_system epss
scoring_elements 0.58361
published_at 2026-06-04T12:55:00Z
1
value 0.00359
scoring_system epss
scoring_elements 0.58408
published_at 2026-06-07T12:55:00Z
2
value 0.00359
scoring_system epss
scoring_elements 0.58416
published_at 2026-06-06T12:55:00Z
3
value 0.00359
scoring_system epss
scoring_elements 0.58393
published_at 2026-06-08T12:55:00Z
4
value 0.00359
scoring_system epss
scoring_elements 0.58409
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0327
fixed_packages
0
url pkg:deb/debian/redmine@1.3.2%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/redmine@1.3.2%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@1.3.2%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@5.0.4-5%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
purl pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.5%252Bds-1%3Fdistro=trixie
3
url pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
purl pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.6%252Bds-6%3Fdistro=trixie
aliases CVE-2012-0327
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dq17-zm5y-quf7
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@1.3.2%252Bdfsg1-1%3Fdistro=trixie