Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/squid@4.10-r0?arch=s390x&distroversion=v3.9&reponame=main

Type apk

Namespace alpine

Name squid

Version 4.10-r0

Qualifiers

arch	s390x
distroversion	v3.9
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.11-r0

Latest_non_vulnerable_version 4.13-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2wzr-qudp-a7ff

vulnerability_id VCID-2wzr-qudp-a7ff

summary An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexpectedly. This leads to the Squid process also terminating and a denial of service for all clients using the proxy.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8517.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8517.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8517

reference_id

reference_type

scores

value	0.00828
scoring_system	epss
scoring_elements	0.74874
published_at	2026-06-04T12:55:00Z

value	0.00828
scoring_system	epss
scoring_elements	0.74903
published_at	2026-06-05T12:55:00Z

value	0.00927
scoring_system	epss
scoring_elements	0.76479
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8517

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1798545
reference_id	1798545
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1798545

reference_url	https://security.gentoo.org/glsa/202003-34
reference_id	GLSA-202003-34
reference_type
scores
url	https://security.gentoo.org/glsa/202003-34

reference_url	https://usn.ubuntu.com/4289-1/
reference_id	USN-4289-1
reference_type
scores
url	https://usn.ubuntu.com/4289-1/

fixed_packages

url	pkg:apk/alpine/squid@4.10-r0?arch=s390x&distroversion=v3.9&reponame=main
purl	pkg:apk/alpine/squid@4.10-r0?arch=s390x&distroversion=v3.9&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@4.10-r0%3Farch=s390x&distroversion=v3.9&reponame=main

aliases CVE-2020-8517

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2wzr-qudp-a7ff

url VCID-4yrg-ns3w-77af

vulnerability_id VCID-4yrg-ns3w-77af

summary An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8450.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8450.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8450

reference_id

reference_type

scores

value	0.46309
scoring_system	epss
scoring_elements	0.97713
published_at	2026-06-04T12:55:00Z

value	0.46309
scoring_system	epss
scoring_elements	0.97717
published_at	2026-06-05T12:55:00Z

value	0.46309
scoring_system	epss
scoring_elements	0.97718
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8450

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1798552
reference_id	1798552
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1798552

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950802
reference_id	950802
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950802

reference_url	https://security.gentoo.org/glsa/202003-34
reference_id	GLSA-202003-34
reference_type
scores
url	https://security.gentoo.org/glsa/202003-34

reference_url	https://access.redhat.com/errata/RHSA-2020:4082
reference_id	RHSA-2020:4082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4082

reference_url	https://access.redhat.com/errata/RHSA-2020:4743
reference_id	RHSA-2020:4743
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4743

reference_url	https://usn.ubuntu.com/4289-1/
reference_id	USN-4289-1
reference_type
scores
url	https://usn.ubuntu.com/4289-1/

fixed_packages

url	pkg:apk/alpine/squid@4.10-r0?arch=s390x&distroversion=v3.9&reponame=main
purl	pkg:apk/alpine/squid@4.10-r0?arch=s390x&distroversion=v3.9&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@4.10-r0%3Farch=s390x&distroversion=v3.9&reponame=main

aliases CVE-2020-8450

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4yrg-ns3w-77af

url VCID-dydn-mqw1-g7at

vulnerability_id VCID-dydn-mqw1-g7at

summary An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12528.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12528.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12528

reference_id

reference_type

scores

value	0.23648
scoring_system	epss
scoring_elements	0.9609
published_at	2026-06-04T12:55:00Z

value	0.23648
scoring_system	epss
scoring_elements	0.96095
published_at	2026-06-05T12:55:00Z

value	0.23648
scoring_system	epss
scoring_elements	0.96098
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1798534
reference_id	1798534
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1798534

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950925
reference_id	950925
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950925

reference_url	https://security.gentoo.org/glsa/202003-34
reference_id	GLSA-202003-34
reference_type
scores
url	https://security.gentoo.org/glsa/202003-34

reference_url	https://access.redhat.com/errata/RHSA-2020:4082
reference_id	RHSA-2020:4082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4082

reference_url	https://access.redhat.com/errata/RHSA-2020:4743
reference_id	RHSA-2020:4743
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4743

reference_url	https://usn.ubuntu.com/4289-1/
reference_id	USN-4289-1
reference_type
scores
url	https://usn.ubuntu.com/4289-1/

fixed_packages

url	pkg:apk/alpine/squid@4.10-r0?arch=s390x&distroversion=v3.9&reponame=main
purl	pkg:apk/alpine/squid@4.10-r0?arch=s390x&distroversion=v3.9&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@4.10-r0%3Farch=s390x&distroversion=v3.9&reponame=main

aliases CVE-2019-12528

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dydn-mqw1-g7at

url VCID-gytn-z913-ubht

vulnerability_id VCID-gytn-z913-ubht

summary An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8449.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8449.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8449

reference_id

reference_type

scores

value	0.03964
scoring_system	epss
scoring_elements	0.88578
published_at	2026-06-04T12:55:00Z

value	0.03964
scoring_system	epss
scoring_elements	0.88596
published_at	2026-06-05T12:55:00Z

value	0.03964
scoring_system	epss
scoring_elements	0.88598
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8449

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1798540
reference_id	1798540
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1798540

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950802
reference_id	950802
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950802

reference_url	https://security.gentoo.org/glsa/202003-34
reference_id	GLSA-202003-34
reference_type
scores
url	https://security.gentoo.org/glsa/202003-34

reference_url	https://access.redhat.com/errata/RHSA-2020:4082
reference_id	RHSA-2020:4082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4082

reference_url	https://access.redhat.com/errata/RHSA-2020:4743
reference_id	RHSA-2020:4743
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4743

reference_url	https://usn.ubuntu.com/4289-1/
reference_id	USN-4289-1
reference_type
scores
url	https://usn.ubuntu.com/4289-1/

fixed_packages

url	pkg:apk/alpine/squid@4.10-r0?arch=s390x&distroversion=v3.9&reponame=main
purl	pkg:apk/alpine/squid@4.10-r0?arch=s390x&distroversion=v3.9&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@4.10-r0%3Farch=s390x&distroversion=v3.9&reponame=main

aliases CVE-2020-8449

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gytn-z913-ubht

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@4.10-r0%3Farch=s390x&distroversion=v3.9&reponame=main

Package Instance