Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/cluster-glue@1.0.6-1?distro=trixie
Typedeb
Namespacedebian
Namecluster-glue
Version1.0.6-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.0.12-20
Latest_non_vulnerable_version1.0.12-25
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-gtfw-2r73-ubaa
vulnerability_id VCID-gtfw-2r73-ubaa
summary stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. This is fixed in cluster-glue 1.0.6 and newer, and pacemaker 1.1.3 and newer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2496.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2496.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-2496
reference_id
reference_type
scores
0
value 0.00041
scoring_system epss
scoring_elements 0.12753
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-2496
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2496
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2496
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1974363
reference_id 1974363
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1974363
fixed_packages
0
url pkg:deb/debian/cluster-glue@1.0.6-1?distro=trixie
purl pkg:deb/debian/cluster-glue@1.0.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cluster-glue@1.0.6-1%3Fdistro=trixie
1
url pkg:deb/debian/cluster-glue@1.0.12-20?distro=trixie
purl pkg:deb/debian/cluster-glue@1.0.12-20?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cluster-glue@1.0.12-20%3Fdistro=trixie
2
url pkg:deb/debian/cluster-glue@1.0.12-21?distro=trixie
purl pkg:deb/debian/cluster-glue@1.0.12-21?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cluster-glue@1.0.12-21%3Fdistro=trixie
3
url pkg:deb/debian/cluster-glue@1.0.12-24?distro=trixie
purl pkg:deb/debian/cluster-glue@1.0.12-24?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cluster-glue@1.0.12-24%3Fdistro=trixie
4
url pkg:deb/debian/cluster-glue@1.0.12-25?distro=trixie
purl pkg:deb/debian/cluster-glue@1.0.12-25?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cluster-glue@1.0.12-25%3Fdistro=trixie
aliases CVE-2010-2496
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gtfw-2r73-ubaa
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/cluster-glue@1.0.6-1%3Fdistro=trixie