Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/busybox@0?distro=trixie

Type deb

Namespace debian

Name busybox

Version 0

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:1.1.3-1

Latest_non_vulnerable_version 1:1.38.0-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5ttr-ev3f-9kbc

vulnerability_id VCID-5ttr-ev3f-9kbc

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28391.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28391.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28391

reference_id

reference_type

scores

value	0.03075
scoring_system	epss
scoring_elements	0.87052
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28391

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch

reference_id

0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:32:28Z/

url

https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch

reference_url

https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch

reference_id

0002-nslookup-sanitize-all-printed-strings-with-printable.patch

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:32:28Z/

url

https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch

reference_url

https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661

reference_id

13661

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:32:28Z/

url

https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2080958
reference_id	2080958
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2080958

fixed_packages

url	pkg:deb/debian/busybox@0?distro=trixie
purl	pkg:deb/debian/busybox@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@0%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2c4n-htar-1bbp

vulnerability	VCID-58wk-ehxg-kkek

vulnerability	VCID-a314-yrfn-tqdx

vulnerability	VCID-c6kg-dsp8-6yad

vulnerability	VCID-e9dx-nc9q-vkeg

vulnerability	VCID-nwea-9any-zkge

vulnerability	VCID-s3ut-stae-23cy

vulnerability	VCID-sg5c-73vs-gkhw

vulnerability	VCID-tbbf-pgwt-sucx

vulnerability	VCID-u5mj-gur5-8beh

vulnerability	VCID-ufyv-rttj-wqdw

vulnerability	VCID-v2v3-ucaq-u3e3

vulnerability	VCID-vkux-cpct-8fge

vulnerability	VCID-xzk7-7cke-hqdc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2c4n-htar-1bbp

vulnerability	VCID-58wk-ehxg-kkek

vulnerability	VCID-a314-yrfn-tqdx

vulnerability	VCID-e9dx-nc9q-vkeg

vulnerability	VCID-nwea-9any-zkge

vulnerability	VCID-s3ut-stae-23cy

vulnerability	VCID-u5mj-gur5-8beh

vulnerability	VCID-vkux-cpct-8fge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2c4n-htar-1bbp

vulnerability	VCID-58wk-ehxg-kkek

vulnerability	VCID-e9dx-nc9q-vkeg

vulnerability	VCID-nwea-9any-zkge

vulnerability	VCID-s3ut-stae-23cy

vulnerability	VCID-u5mj-gur5-8beh

vulnerability	VCID-vkux-cpct-8fge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.38.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.38.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.38.0-1%3Fdistro=trixie

aliases CVE-2022-28391

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ttr-ev3f-9kbc

url VCID-fj4y-vg4x-n3gg

vulnerability_id VCID-fj4y-vg4x-n3gg

summary

This GLSA contains notification of vulnerabilities found in several
    Gentoo packages which have been fixed prior to January 1, 2011. The worst
    of these vulnerabilities could lead to local privilege escalation and
    remote code execution. Please see the package list and CVE identifiers
    below for more information.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0001.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0001.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0001

reference_id

reference_type

scores

value	0.22601
scoring_system	epss
scoring_elements	0.95977
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0001

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=554418
reference_id	554418
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=554418

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566002
reference_id	566002
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566002

reference_url	https://security.gentoo.org/glsa/201412-08
reference_id	GLSA-201412-08
reference_type
scores
url	https://security.gentoo.org/glsa/201412-08

reference_url	https://access.redhat.com/errata/RHSA-2010:0061
reference_id	RHSA-2010:0061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0061

reference_url	https://usn.ubuntu.com/889-1/
reference_id	USN-889-1
reference_type
scores
url	https://usn.ubuntu.com/889-1/

fixed_packages

url	pkg:deb/debian/busybox@0?distro=trixie
purl	pkg:deb/debian/busybox@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@0%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2c4n-htar-1bbp

vulnerability	VCID-58wk-ehxg-kkek

vulnerability	VCID-a314-yrfn-tqdx

vulnerability	VCID-c6kg-dsp8-6yad

vulnerability	VCID-e9dx-nc9q-vkeg

vulnerability	VCID-nwea-9any-zkge

vulnerability	VCID-s3ut-stae-23cy

vulnerability	VCID-sg5c-73vs-gkhw

vulnerability	VCID-tbbf-pgwt-sucx

vulnerability	VCID-u5mj-gur5-8beh

vulnerability	VCID-ufyv-rttj-wqdw

vulnerability	VCID-v2v3-ucaq-u3e3

vulnerability	VCID-vkux-cpct-8fge

vulnerability	VCID-xzk7-7cke-hqdc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2c4n-htar-1bbp

vulnerability	VCID-58wk-ehxg-kkek

vulnerability	VCID-a314-yrfn-tqdx

vulnerability	VCID-e9dx-nc9q-vkeg

vulnerability	VCID-nwea-9any-zkge

vulnerability	VCID-s3ut-stae-23cy

vulnerability	VCID-u5mj-gur5-8beh

vulnerability	VCID-vkux-cpct-8fge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2c4n-htar-1bbp

vulnerability	VCID-58wk-ehxg-kkek

vulnerability	VCID-e9dx-nc9q-vkeg

vulnerability	VCID-nwea-9any-zkge

vulnerability	VCID-s3ut-stae-23cy

vulnerability	VCID-u5mj-gur5-8beh

vulnerability	VCID-vkux-cpct-8fge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.38.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.38.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.38.0-1%3Fdistro=trixie

aliases CVE-2010-0001

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fj4y-vg4x-n3gg

url VCID-sgqz-1391-ckef

vulnerability_id VCID-sgqz-1391-ckef

summary Directory traversal vulnerability in httpd in Rob Landley BusyBox allows remote attackers to read arbitrary files via URL-encoded "%2e%2e/" sequences in the URI.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-5050

reference_id

reference_type

scores

value	0.00279
scoring_system	epss
scoring_elements	0.51653
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-5050

fixed_packages

url	pkg:deb/debian/busybox@0?distro=trixie
purl	pkg:deb/debian/busybox@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@0%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2c4n-htar-1bbp

vulnerability	VCID-58wk-ehxg-kkek

vulnerability	VCID-a314-yrfn-tqdx

vulnerability	VCID-c6kg-dsp8-6yad

vulnerability	VCID-e9dx-nc9q-vkeg

vulnerability	VCID-nwea-9any-zkge

vulnerability	VCID-s3ut-stae-23cy

vulnerability	VCID-sg5c-73vs-gkhw

vulnerability	VCID-tbbf-pgwt-sucx

vulnerability	VCID-u5mj-gur5-8beh

vulnerability	VCID-ufyv-rttj-wqdw

vulnerability	VCID-v2v3-ucaq-u3e3

vulnerability	VCID-vkux-cpct-8fge

vulnerability	VCID-xzk7-7cke-hqdc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2c4n-htar-1bbp

vulnerability	VCID-58wk-ehxg-kkek

vulnerability	VCID-a314-yrfn-tqdx

vulnerability	VCID-e9dx-nc9q-vkeg

vulnerability	VCID-nwea-9any-zkge

vulnerability	VCID-s3ut-stae-23cy

vulnerability	VCID-u5mj-gur5-8beh

vulnerability	VCID-vkux-cpct-8fge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2c4n-htar-1bbp

vulnerability	VCID-58wk-ehxg-kkek

vulnerability	VCID-e9dx-nc9q-vkeg

vulnerability	VCID-nwea-9any-zkge

vulnerability	VCID-s3ut-stae-23cy

vulnerability	VCID-u5mj-gur5-8beh

vulnerability	VCID-vkux-cpct-8fge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.38.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.38.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.38.0-1%3Fdistro=trixie

aliases CVE-2006-5050

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sgqz-1391-ckef

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@0%3Fdistro=trixie

Package Instance