Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie

Type deb

Namespace debian

Name csound

Version 1:6.18.1+dfsg-6

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5rpx-jse6-j7g1

vulnerability_id VCID-5rpx-jse6-j7g1

summary csound: untrusted python modules search path

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5986.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5986.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5986

reference_id

reference_type

scores

value	0.00059
scoring_system	epss
scoring_elements	0.18784
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5986

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5986
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5986

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=481550
reference_id	481550
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=481550

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504359
reference_id	504359
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504359

fixed_packages

url	pkg:deb/debian/csound@5.08.2~dfsg-1.1?distro=trixie
purl	pkg:deb/debian/csound@5.08.2~dfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@5.08.2~dfsg-1.1%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
purl	pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.14.0~dfsg-6%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-4%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-6%3Fdistro=trixie

aliases CVE-2008-5986

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5rpx-jse6-j7g1

url VCID-jz5a-vech-d3hx

vulnerability_id VCID-jz5a-vech-d3hx

summary Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbitrary code via a crafted (1) hetro file to the getnum function in util/heti_main.c or (2) PVOC file to the getnum function in util/pv_import.c.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0270

reference_id

reference_type

scores

value	0.75449
scoring_system	epss
scoring_elements	0.98913
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0270

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0270
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0270

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661197
reference_id	661197
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661197

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18710.rb
reference_id	CVE-2012-0270;OSVDB-79491
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18710.rb

fixed_packages

url	pkg:deb/debian/csound@1:5.16.6~dfsg-1?distro=trixie
purl	pkg:deb/debian/csound@1:5.16.6~dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:5.16.6~dfsg-1%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
purl	pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.14.0~dfsg-6%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-4%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-6%3Fdistro=trixie

aliases CVE-2012-0270

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jz5a-vech-d3hx

url VCID-p73c-788f-nbe2

vulnerability_id VCID-p73c-788f-nbe2

summary Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2108

reference_id

reference_type

scores

value	0.05809
scoring_system	epss
scoring_elements	0.90654
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2108

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2108
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2108

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661197
reference_id	661197
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661197

fixed_packages

url	pkg:deb/debian/csound@1:5.17.6~dfsg-1?distro=trixie
purl	pkg:deb/debian/csound@1:5.17.6~dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:5.17.6~dfsg-1%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
purl	pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.14.0~dfsg-6%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-4%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-6%3Fdistro=trixie

aliases CVE-2012-2108

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p73c-788f-nbe2

url VCID-wvkp-ava8-wybw

vulnerability_id VCID-wvkp-ava8-wybw

summary Integer overflow in the pv_import function in util/pv_import.c in Csound 5.16.6, when converting a file, allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2106

reference_id

reference_type

scores

value	0.04789
scoring_system	epss
scoring_elements	0.8964
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2106

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2106
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2106

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661197
reference_id	661197
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661197

fixed_packages

url	pkg:deb/debian/csound@1:5.17.6~dfsg-1?distro=trixie
purl	pkg:deb/debian/csound@1:5.17.6~dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:5.17.6~dfsg-1%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
purl	pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.14.0~dfsg-6%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-4%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-6%3Fdistro=trixie

aliases CVE-2012-2106

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wvkp-ava8-wybw

url VCID-wwdj-c8rz-1udb

vulnerability_id VCID-wwdj-c8rz-1udb

summary Integer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2107

reference_id

reference_type

scores

value	0.05126
scoring_system	epss
scoring_elements	0.89995
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2107

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2107
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2107

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661197
reference_id	661197
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661197

fixed_packages

url	pkg:deb/debian/csound@1:5.17.6~dfsg-1?distro=trixie
purl	pkg:deb/debian/csound@1:5.17.6~dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:5.17.6~dfsg-1%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
purl	pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.14.0~dfsg-6%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-4%3Fdistro=trixie

url	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-6%3Fdistro=trixie

aliases CVE-2012-2107

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwdj-c8rz-1udb

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-6%3Fdistro=trixie

Package Instance