Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/patch@2.7.6-r6?arch=aarch64&distroversion=v3.18&reponame=main
Typeapk
Namespacealpine
Namepatch
Version2.7.6-r6
Qualifiers
arch aarch64
distroversion v3.18
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.7.6-r7
Latest_non_vulnerable_version2.7.6-r7
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-fuan-yz1a-jbej
vulnerability_id VCID-fuan-yz1a-jbej
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000156.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000156.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000156
reference_id
reference_type
scores
0
value 0.36762
scoring_system epss
scoring_elements 0.97238
published_at 2026-06-09T12:55:00Z
1
value 0.36762
scoring_system epss
scoring_elements 0.97235
published_at 2026-06-06T12:55:00Z
2
value 0.36762
scoring_system epss
scoring_elements 0.97236
published_at 2026-06-07T12:55:00Z
3
value 0.36762
scoring_system epss
scoring_elements 0.97237
published_at 2026-06-08T12:55:00Z
4
value 0.36762
scoring_system epss
scoring_elements 0.97229
published_at 2026-06-04T12:55:00Z
5
value 0.36762
scoring_system epss
scoring_elements 0.97233
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000156
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000156
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1564326
reference_id 1564326
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1564326
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894993
reference_id 894993
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894993
6
reference_url https://security.archlinux.org/ASA-201810-8
reference_id ASA-201810-8
reference_type
scores
url https://security.archlinux.org/ASA-201810-8
7
reference_url https://security.archlinux.org/ASA-201811-14
reference_id ASA-201811-14
reference_type
scores
url https://security.archlinux.org/ASA-201811-14
8
reference_url https://security.archlinux.org/AVG-619
reference_id AVG-619
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-619
9
reference_url https://security.archlinux.org/AVG-808
reference_id AVG-808
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-808
10
reference_url https://security.gentoo.org/glsa/201904-17
reference_id GLSA-201904-17
reference_type
scores
url https://security.gentoo.org/glsa/201904-17
11
reference_url https://access.redhat.com/errata/RHSA-2018:1199
reference_id RHSA-2018:1199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1199
12
reference_url https://access.redhat.com/errata/RHSA-2018:1200
reference_id RHSA-2018:1200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1200
13
reference_url https://access.redhat.com/errata/RHSA-2018:2091
reference_id RHSA-2018:2091
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2091
14
reference_url https://access.redhat.com/errata/RHSA-2018:2092
reference_id RHSA-2018:2092
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2092
15
reference_url https://access.redhat.com/errata/RHSA-2018:2093
reference_id RHSA-2018:2093
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2093
16
reference_url https://access.redhat.com/errata/RHSA-2018:2094
reference_id RHSA-2018:2094
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2094
17
reference_url https://access.redhat.com/errata/RHSA-2018:2095
reference_id RHSA-2018:2095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2095
18
reference_url https://access.redhat.com/errata/RHSA-2018:2096
reference_id RHSA-2018:2096
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2096
19
reference_url https://access.redhat.com/errata/RHSA-2018:2097
reference_id RHSA-2018:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2097
20
reference_url https://usn.ubuntu.com/3624-1/
reference_id USN-3624-1
reference_type
scores
url https://usn.ubuntu.com/3624-1/
21
reference_url https://usn.ubuntu.com/3624-2/
reference_id USN-3624-2
reference_type
scores
url https://usn.ubuntu.com/3624-2/
fixed_packages
0
url pkg:apk/alpine/patch@2.7.6-r6?arch=aarch64&distroversion=v3.18&reponame=main
purl pkg:apk/alpine/patch@2.7.6-r6?arch=aarch64&distroversion=v3.18&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/patch@2.7.6-r6%3Farch=aarch64&distroversion=v3.18&reponame=main
aliases CVE-2018-1000156
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fuan-yz1a-jbej
1
url VCID-mfsr-c5z2-hfh4
vulnerability_id VCID-mfsr-c5z2-hfh4
summary GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13638.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13638.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13638
reference_id
reference_type
scores
0
value 0.0205
scoring_system epss
scoring_elements 0.84188
published_at 2026-06-04T12:55:00Z
1
value 0.0205
scoring_system epss
scoring_elements 0.84212
published_at 2026-06-05T12:55:00Z
2
value 0.0205
scoring_system epss
scoring_elements 0.84215
published_at 2026-06-06T12:55:00Z
3
value 0.0205
scoring_system epss
scoring_elements 0.84209
published_at 2026-06-07T12:55:00Z
4
value 0.0205
scoring_system epss
scoring_elements 0.84198
published_at 2026-06-08T12:55:00Z
5
value 0.0205
scoring_system epss
scoring_elements 0.8421
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13638
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20969
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20969
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1733916
reference_id 1733916
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1733916
7
reference_url https://security.gentoo.org/glsa/201908-22
reference_id GLSA-201908-22
reference_type
scores
url https://security.gentoo.org/glsa/201908-22
8
reference_url https://access.redhat.com/errata/RHSA-2019:2798
reference_id RHSA-2019:2798
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2798
9
reference_url https://access.redhat.com/errata/RHSA-2019:2964
reference_id RHSA-2019:2964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2964
10
reference_url https://access.redhat.com/errata/RHSA-2019:3757
reference_id RHSA-2019:3757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3757
11
reference_url https://access.redhat.com/errata/RHSA-2019:3758
reference_id RHSA-2019:3758
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3758
12
reference_url https://access.redhat.com/errata/RHSA-2019:4061
reference_id RHSA-2019:4061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4061
13
reference_url https://usn.ubuntu.com/4071-1/
reference_id USN-4071-1
reference_type
scores
url https://usn.ubuntu.com/4071-1/
14
reference_url https://usn.ubuntu.com/4071-2/
reference_id USN-4071-2
reference_type
scores
url https://usn.ubuntu.com/4071-2/
fixed_packages
0
url pkg:apk/alpine/patch@2.7.6-r6?arch=aarch64&distroversion=v3.18&reponame=main
purl pkg:apk/alpine/patch@2.7.6-r6?arch=aarch64&distroversion=v3.18&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/patch@2.7.6-r6%3Farch=aarch64&distroversion=v3.18&reponame=main
aliases CVE-2019-13638
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mfsr-c5z2-hfh4
2
url VCID-ycqe-xdf8-x3du
vulnerability_id VCID-ycqe-xdf8-x3du
summary do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20969.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20969.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20969
reference_id
reference_type
scores
0
value 0.00364
scoring_system epss
scoring_elements 0.58773
published_at 2026-06-04T12:55:00Z
1
value 0.00364
scoring_system epss
scoring_elements 0.5882
published_at 2026-06-05T12:55:00Z
2
value 0.00364
scoring_system epss
scoring_elements 0.58825
published_at 2026-06-06T12:55:00Z
3
value 0.00364
scoring_system epss
scoring_elements 0.58817
published_at 2026-06-07T12:55:00Z
4
value 0.00364
scoring_system epss
scoring_elements 0.58802
published_at 2026-06-08T12:55:00Z
5
value 0.00364
scoring_system epss
scoring_elements 0.58818
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20969
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20969
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20969
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1746672
reference_id 1746672
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1746672
6
reference_url https://access.redhat.com/errata/RHSA-2019:2798
reference_id RHSA-2019:2798
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2798
7
reference_url https://access.redhat.com/errata/RHSA-2019:2964
reference_id RHSA-2019:2964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2964
8
reference_url https://access.redhat.com/errata/RHSA-2019:3757
reference_id RHSA-2019:3757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3757
9
reference_url https://access.redhat.com/errata/RHSA-2019:3758
reference_id RHSA-2019:3758
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3758
10
reference_url https://access.redhat.com/errata/RHSA-2019:4061
reference_id RHSA-2019:4061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4061
fixed_packages
0
url pkg:apk/alpine/patch@2.7.6-r6?arch=aarch64&distroversion=v3.18&reponame=main
purl pkg:apk/alpine/patch@2.7.6-r6?arch=aarch64&distroversion=v3.18&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/patch@2.7.6-r6%3Farch=aarch64&distroversion=v3.18&reponame=main
aliases CVE-2018-20969
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ycqe-xdf8-x3du
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/patch@2.7.6-r6%3Farch=aarch64&distroversion=v3.18&reponame=main