Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/bind@9.12.1_p2-r0?arch=aarch64&distroversion=v3.12&reponame=main
Typeapk
Namespacealpine
Namebind
Version9.12.1_p2-r0
Qualifiers
arch aarch64
distroversion v3.12
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version9.12.2_p1-r0
Latest_non_vulnerable_version9.16.27-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-45wz-94b7-87gz
vulnerability_id VCID-45wz-94b7-87gz
summary An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5736.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5736.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5736
reference_id
reference_type
scores
0
value 0.42906
scoring_system epss
scoring_elements 0.97553
published_at 2026-06-04T12:55:00Z
1
value 0.42906
scoring_system epss
scoring_elements 0.97558
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5736
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1578591
reference_id 1578591
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1578591
3
reference_url https://security.archlinux.org/ASA-201805-20
reference_id ASA-201805-20
reference_type
scores
url https://security.archlinux.org/ASA-201805-20
4
reference_url https://security.archlinux.org/AVG-706
reference_id AVG-706
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-706
fixed_packages
0
url pkg:apk/alpine/bind@9.12.1_p2-r0?arch=aarch64&distroversion=v3.12&reponame=main
purl pkg:apk/alpine/bind@9.12.1_p2-r0?arch=aarch64&distroversion=v3.12&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.12.1_p2-r0%3Farch=aarch64&distroversion=v3.12&reponame=main
aliases CVE-2018-5736
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-45wz-94b7-87gz
1
url VCID-chqp-rqde-5kcv
vulnerability_id VCID-chqp-rqde-5kcv
summary A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5737.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5737.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5737
reference_id
reference_type
scores
0
value 0.01186
scoring_system epss
scoring_elements 0.79133
published_at 2026-06-04T12:55:00Z
1
value 0.01186
scoring_system epss
scoring_elements 0.79159
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5737
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1578593
reference_id 1578593
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1578593
3
reference_url https://security.archlinux.org/ASA-201805-20
reference_id ASA-201805-20
reference_type
scores
url https://security.archlinux.org/ASA-201805-20
4
reference_url https://security.archlinux.org/AVG-706
reference_id AVG-706
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-706
fixed_packages
0
url pkg:apk/alpine/bind@9.12.1_p2-r0?arch=aarch64&distroversion=v3.12&reponame=main
purl pkg:apk/alpine/bind@9.12.1_p2-r0?arch=aarch64&distroversion=v3.12&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.12.1_p2-r0%3Farch=aarch64&distroversion=v3.12&reponame=main
aliases CVE-2018-5737
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-chqp-rqde-5kcv
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.12.1_p2-r0%3Farch=aarch64&distroversion=v3.12&reponame=main