Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/squid@3.5.27-r2?arch=x86&distroversion=v3.18&reponame=main
Typeapk
Namespacealpine
Namesquid
Version3.5.27-r2
Qualifiers
arch x86
distroversion v3.18
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4.8-r0
Latest_non_vulnerable_version5.2-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-482d-pvjx-aya1
vulnerability_id VCID-482d-pvjx-aya1
summary This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCheck(). A crafted request can trigger the dereference of a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system. Was ZDI-CAN-6088.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1172.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1172.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1172
reference_id
reference_type
scores
0
value 0.08729
scoring_system epss
scoring_elements 0.92643
published_at 2026-06-04T12:55:00Z
1
value 0.08729
scoring_system epss
scoring_elements 0.92655
published_at 2026-06-05T12:55:00Z
2
value 0.08729
scoring_system epss
scoring_elements 0.92645
published_at 2026-06-08T12:55:00Z
3
value 0.08729
scoring_system epss
scoring_elements 0.92651
published_at 2026-06-06T12:55:00Z
4
value 0.08729
scoring_system epss
scoring_elements 0.92647
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1172
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1172
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1172
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1569424
reference_id 1569424
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1569424
fixed_packages
0
url pkg:apk/alpine/squid@3.5.27-r2?arch=x86&distroversion=v3.18&reponame=main
purl pkg:apk/alpine/squid@3.5.27-r2?arch=x86&distroversion=v3.18&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@3.5.27-r2%3Farch=x86&distroversion=v3.18&reponame=main
aliases CVE-2018-1172
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-482d-pvjx-aya1
1
url VCID-kks8-56y6-6kew
vulnerability_id VCID-kks8-56y6-6kew
summary The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000024.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000024.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000024
reference_id
reference_type
scores
0
value 0.09177
scoring_system epss
scoring_elements 0.92842
published_at 2026-06-04T12:55:00Z
1
value 0.09177
scoring_system epss
scoring_elements 0.92854
published_at 2026-06-05T12:55:00Z
2
value 0.09177
scoring_system epss
scoring_elements 0.92844
published_at 2026-06-08T12:55:00Z
3
value 0.09177
scoring_system epss
scoring_elements 0.9285
published_at 2026-06-06T12:55:00Z
4
value 0.09177
scoring_system epss
scoring_elements 0.92846
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000024
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1536939
reference_id 1536939
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1536939
6
reference_url https://access.redhat.com/errata/RHSA-2020:1068
reference_id RHSA-2020:1068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1068
7
reference_url https://usn.ubuntu.com/3557-1/
reference_id USN-3557-1
reference_type
scores
url https://usn.ubuntu.com/3557-1/
8
reference_url https://usn.ubuntu.com/4059-2/
reference_id USN-4059-2
reference_type
scores
url https://usn.ubuntu.com/4059-2/
fixed_packages
0
url pkg:apk/alpine/squid@3.5.27-r2?arch=x86&distroversion=v3.18&reponame=main
purl pkg:apk/alpine/squid@3.5.27-r2?arch=x86&distroversion=v3.18&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@3.5.27-r2%3Farch=x86&distroversion=v3.18&reponame=main
aliases CVE-2018-1000024
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kks8-56y6-6kew
2
url VCID-vtfj-m8fv-67fz
vulnerability_id VCID-vtfj-m8fv-67fz
summary The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000027.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000027.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000027
reference_id
reference_type
scores
0
value 0.65998
scoring_system epss
scoring_elements 0.9853
published_at 2026-06-04T12:55:00Z
1
value 0.65998
scoring_system epss
scoring_elements 0.98533
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000027
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1536942
reference_id 1536942
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1536942
6
reference_url https://access.redhat.com/errata/RHSA-2020:1068
reference_id RHSA-2020:1068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1068
7
reference_url https://usn.ubuntu.com/3557-1/
reference_id USN-3557-1
reference_type
scores
url https://usn.ubuntu.com/3557-1/
8
reference_url https://usn.ubuntu.com/4059-2/
reference_id USN-4059-2
reference_type
scores
url https://usn.ubuntu.com/4059-2/
fixed_packages
0
url pkg:apk/alpine/squid@3.5.27-r2?arch=x86&distroversion=v3.18&reponame=main
purl pkg:apk/alpine/squid@3.5.27-r2?arch=x86&distroversion=v3.18&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@3.5.27-r2%3Farch=x86&distroversion=v3.18&reponame=main
aliases CVE-2018-1000027
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtfj-m8fv-67fz
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/squid@3.5.27-r2%3Farch=x86&distroversion=v3.18&reponame=main