Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/squid@4.13.0-r0?arch=loongarch64&distroversion=edge&reponame=main
Type apk
Namespace alpine
Name squid
Version 4.13.0-r0
Qualifiers
arch loongarch64
distroversion edge
reponame main
Subpath
Is_vulnerable false
Next_non_vulnerable_version 5.0.6-r0
Latest_non_vulnerable_version 7.3-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1qpe-g66r-r7d5
vulnerability_id VCID-1qpe-g66r-r7d5
summary An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source. When configured for relaxed header parsing (the default), Squid relays headers containing whitespace characters to upstream servers. When this occurs as a prefix to a Content-Length header, the frame length specified will be ignored by Squid (allowing for a conflicting length to be used from another Content-Length header) but relayed upstream.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15810.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15810.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15810
reference_id
reference_type
scores
0
value 0.00155
scoring_system epss
scoring_elements 0.35927
published_at 2026-06-04T12:55:00Z
1
value 0.00155
scoring_system epss
scoring_elements 0.36022
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15810
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1871700
reference_id 1871700
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1871700
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968934
reference_id 968934
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968934
8
reference_url https://access.redhat.com/errata/RHSA-2020:3623
reference_id RHSA-2020:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3623
9
reference_url https://access.redhat.com/errata/RHSA-2020:4082
reference_id RHSA-2020:4082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4082
10
reference_url https://usn.ubuntu.com/4477-1/
reference_id USN-4477-1
reference_type
scores
url https://usn.ubuntu.com/4477-1/
11
reference_url https://usn.ubuntu.com/4551-1/
reference_id USN-4551-1
reference_type
scores
url https://usn.ubuntu.com/4551-1/
fixed_packages
0
url pkg:apk/alpine/squid@4.13.0-r0?arch=loongarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/squid@4.13.0-r0?arch=loongarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@4.13.0-r0%3Farch=loongarch64&distroversion=edge&reponame=main
aliases CVE-2020-15810
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1qpe-g66r-r7d5
1
url VCID-wgzx-2d4n-pub4
vulnerability_id VCID-wgzx-2d4n-pub4
summary Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24606.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24606.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-24606
reference_id
reference_type
scores
0
value 0.06342
scoring_system epss
scoring_elements 0.91147
published_at 2026-06-04T12:55:00Z
1
value 0.06342
scoring_system epss
scoring_elements 0.9116
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-24606
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1871705
reference_id 1871705
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1871705
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968933
reference_id 968933
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968933
8
reference_url https://access.redhat.com/errata/RHSA-2020:4082
reference_id RHSA-2020:4082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4082
9
reference_url https://access.redhat.com/errata/RHSA-2020:4743
reference_id RHSA-2020:4743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4743
10
reference_url https://usn.ubuntu.com/4477-1/
reference_id USN-4477-1
reference_type
scores
url https://usn.ubuntu.com/4477-1/
11
reference_url https://usn.ubuntu.com/4551-1/
reference_id USN-4551-1
reference_type
scores
url https://usn.ubuntu.com/4551-1/
fixed_packages
0
url pkg:apk/alpine/squid@4.13.0-r0?arch=loongarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/squid@4.13.0-r0?arch=loongarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@4.13.0-r0%3Farch=loongarch64&distroversion=edge&reponame=main
aliases CVE-2020-24606
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wgzx-2d4n-pub4
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@4.13.0-r0%3Farch=loongarch64&distroversion=edge&reponame=main