Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/nikto@2.1.6-r2?arch=ppc64le&distroversion=v3.23&reponame=community

Type apk

Namespace alpine

Name nikto

Version 2.1.6-r2

Qualifiers

arch	ppc64le
distroversion	v3.23
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-6212-y43h-nygk

vulnerability_id VCID-6212-y43h-nygk

summary CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-11652

reference_id

reference_type

scores

value	0.33586
scoring_system	epss
scoring_elements	0.97027
published_at	2026-06-04T12:55:00Z

value	0.33586
scoring_system	epss
scoring_elements	0.9703
published_at	2026-06-05T12:55:00Z

value	0.33586
scoring_system	epss
scoring_elements	0.97032
published_at	2026-06-06T12:55:00Z

value	0.33586
scoring_system	epss
scoring_elements	0.97034
published_at	2026-06-08T12:55:00Z

value	0.33586
scoring_system	epss
scoring_elements	0.97038
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-11652

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11652
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11652

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900608
reference_id	900608
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900608

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44899.txt
reference_id	CVE-2018-11652
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44899.txt

fixed_packages

url	pkg:apk/alpine/nikto@2.1.6-r2?arch=ppc64le&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/nikto@2.1.6-r2?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nikto@2.1.6-r2%3Farch=ppc64le&distroversion=v3.23&reponame=community

aliases CVE-2018-11652

risk_score 0.6

exploitability 2.0

weighted_severity 0.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6212-y43h-nygk

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nikto@2.1.6-r2%3Farch=ppc64le&distroversion=v3.23&reponame=community

Package Instance