Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/sequoia-chameleon-gnupg@0.13.1-r2?arch=s390x&distroversion=v3.24&reponame=community
Typeapk
Namespacealpine
Namesequoia-chameleon-gnupg
Version0.13.1-r2
Qualifiers
arch s390x
distroversion v3.24
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-42pa-h97f-sbbm
vulnerability_id VCID-42pa-h97f-sbbm
summary A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager (RPM) file. During the RPM signature verification process, this crafted file can trigger an error in the OpenPGP signature parsing code, leading to an unconditional termination of the rpm process. This issue results in an application level denial of service, making the system unable to process RPM files for signature verification.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2625.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2625.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2625
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00679
published_at 2026-06-12T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.0068
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2625
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128418
reference_id 1128418
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128418
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
reference_id cpe:/a:redhat:hummingbird:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
6
reference_url https://access.redhat.com/security/cve/CVE-2026-2625
reference_id CVE-2026-2625
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-08T18:51:58Z/
url https://access.redhat.com/security/cve/CVE-2026-2625
7
reference_url https://access.redhat.com/errata/RHSA-2026:12682
reference_id RHSA-2026:12682
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-08T18:51:58Z/
url https://access.redhat.com/errata/RHSA-2026:12682
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2440357
reference_id show_bug.cgi?id=2440357
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-08T18:51:58Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2440357
fixed_packages
0
url pkg:apk/alpine/sequoia-chameleon-gnupg@0.13.1-r2?arch=s390x&distroversion=v3.24&reponame=community
purl pkg:apk/alpine/sequoia-chameleon-gnupg@0.13.1-r2?arch=s390x&distroversion=v3.24&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/sequoia-chameleon-gnupg@0.13.1-r2%3Farch=s390x&distroversion=v3.24&reponame=community
aliases CVE-2026-2625
risk_score 1.8
exploitability 0.5
weighted_severity 3.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-42pa-h97f-sbbm
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/sequoia-chameleon-gnupg@0.13.1-r2%3Farch=s390x&distroversion=v3.24&reponame=community