Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/skim@0?distro=sid
Type deb
Namespace debian
Name skim
Version 0
Qualifiers
distro sid
Subpath
Is_vulnerable false
Next_non_vulnerable_version 0.20.5+ds-3
Latest_non_vulnerable_version 0.20.5+ds-3
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-at6h-dwue-vqgk
vulnerability_id VCID-at6h-dwue-vqgk
summary Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIM_RS_BOT_PRIVATE_KEY and GITHUB_TOKEN (contents:write). No gates prevent exploitation - any GitHub user can trigger this by opening a pull request from a fork. This vulnerability is fixed with commit bf63404ad51985b00ed304690ba9d477860a5a75.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41414
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13693
published_at 2026-06-09T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13783
published_at 2026-06-05T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13787
published_at 2026-06-06T12:55:00Z
3
value 0.00044
scoring_system epss
scoring_elements 0.13748
published_at 2026-06-07T12:55:00Z
4
value 0.00044
scoring_system epss
scoring_elements 0.13663
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41414
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/skim-rs/skim/commit/bf63404ad51985b00ed304690ba9d477860a5a75
reference_id bf63404ad51985b00ed304690ba9d477860a5a75
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T13:45:19Z/
url https://github.com/skim-rs/skim/commit/bf63404ad51985b00ed304690ba9d477860a5a75
3
reference_url https://github.com/skim-rs/skim/security/advisories/GHSA-9g93-rxr5-xhqw
reference_id GHSA-9g93-rxr5-xhqw
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T13:45:19Z/
url https://github.com/skim-rs/skim/security/advisories/GHSA-9g93-rxr5-xhqw
fixed_packages
0
url pkg:deb/debian/skim@0?distro=sid
purl pkg:deb/debian/skim@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/skim@0%3Fdistro=sid
1
url pkg:deb/debian/skim@0.20.5%2Bds-3?distro=sid
purl pkg:deb/debian/skim@0.20.5%2Bds-3?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/skim@0.20.5%252Bds-3%3Fdistro=sid
aliases CVE-2026-41414
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-at6h-dwue-vqgk
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/skim@0%3Fdistro=sid