Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/botan@2.6.0-r0?arch=armv7&distroversion=v3.21&reponame=main
Typeapk
Namespacealpine
Namebotan
Version2.6.0-r0
Qualifiers
arch armv7
distroversion v3.21
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.7.0-r0
Latest_non_vulnerable_version2.19.5-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-vz6u-9har-sbc7
vulnerability_id VCID-vz6u-9har-sbc7
summary An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will subsequently fail and the connection will be closed. This could be used for denial of service. No information leak occurs.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-9860
reference_id
reference_type
scores
0
value 0.00384
scoring_system epss
scoring_elements 0.60114
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-9860
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9860
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9860
fixed_packages
0
url pkg:apk/alpine/botan@2.6.0-r0?arch=armv7&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/botan@2.6.0-r0?arch=armv7&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/botan@2.6.0-r0%3Farch=armv7&distroversion=v3.21&reponame=main
aliases CVE-2018-9860
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vz6u-9har-sbc7
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/botan@2.6.0-r0%3Farch=armv7&distroversion=v3.21&reponame=main