Django REST framework
Api Root
Package List
Package Instance
Format
json
api
admin
Package Instance
Lookup for vulnerable packages by Package URL.
Purl
pkg:deb/debian/xmlsec1@1.2.24-1?distro=trixie
Type
deb
Namespace
debian
Name
xmlsec1
Version
1.2.24-1
Qualifiers
distro
trixie
Subpath
Is_vulnerable
false
Next_non_vulnerable_version
1.2.31-1
Latest_non_vulnerable_version
1.3.10-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url
VCID-348t-vqaj-kbef
vulnerability_id
VCID-348t-vqaj-kbef
summary
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
references
0
reference_url
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000061.json
reference_id
reference_type
scores
0
value
6.5
scoring_system
cvssv3
scoring_elements
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000061.json
1
reference_url
https://api.first.org/data/v1/epss?cve=CVE-2017-1000061
reference_id
reference_type
scores
0
value
0.00591
scoring_system
epss
scoring_elements
0.69599
published_at
2026-06-04T12:55:00Z
url
https://api.first.org/data/v1/epss?cve=CVE-2017-1000061
2
reference_url
https://bugzilla.redhat.com/show_bug.cgi?id=1437311
reference_id
1437311
reference_type
scores
url
https://bugzilla.redhat.com/show_bug.cgi?id=1437311
3
reference_url
https://access.redhat.com/errata/RHSA-2017:2492
reference_id
RHSA-2017:2492
reference_type
scores
url
https://access.redhat.com/errata/RHSA-2017:2492
fixed_packages
0
url
pkg:deb/debian/xmlsec1@1.2.24-1?distro=trixie
purl
pkg:deb/debian/xmlsec1@1.2.24-1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.24-1%3Fdistro=trixie
1
url
pkg:deb/debian/xmlsec1@1.2.31-1?distro=trixie
purl
pkg:deb/debian/xmlsec1@1.2.31-1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.31-1%3Fdistro=trixie
2
url
pkg:deb/debian/xmlsec1@1.2.37-2?distro=trixie
purl
pkg:deb/debian/xmlsec1@1.2.37-2?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.37-2%3Fdistro=trixie
3
url
pkg:deb/debian/xmlsec1@1.2.41-1?distro=trixie
purl
pkg:deb/debian/xmlsec1@1.2.41-1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.41-1%3Fdistro=trixie
4
url
pkg:deb/debian/xmlsec1@1.3.10-2?distro=trixie
purl
pkg:deb/debian/xmlsec1@1.3.10-2?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.3.10-2%3Fdistro=trixie
aliases
CVE-2017-1000061
risk_score
3.0
exploitability
0.5
weighted_severity
5.9
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-348t-vqaj-kbef
Risk_score
null
Resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.24-1%3Fdistro=trixie
×
Create
None
×
Edit
None