Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
Typeapk
Namespacealpine
Namelibmad
Version0.15.1b-r9
Qualifiers
arch riscv64
distroversion v3.22
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-fz8c-d5p7-4bg4
vulnerability_id VCID-fz8c-d5p7-4bg4
summary The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted audio file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8372
reference_id
reference_type
scores
0
value 0.00381
scoring_system epss
scoring_elements 0.59868
published_at 2026-06-06T12:55:00Z
1
value 0.00381
scoring_system epss
scoring_elements 0.59858
published_at 2026-06-09T12:55:00Z
2
value 0.00381
scoring_system epss
scoring_elements 0.59865
published_at 2026-06-05T12:55:00Z
3
value 0.00381
scoring_system epss
scoring_elements 0.59814
published_at 2026-06-04T12:55:00Z
4
value 0.00381
scoring_system epss
scoring_elements 0.59859
published_at 2026-06-07T12:55:00Z
5
value 0.00381
scoring_system epss
scoring_elements 0.5984
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8372
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8372
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8373
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8374
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287519
reference_id 287519
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287519
fixed_packages
0
url pkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libmad@0.15.1b-r9%3Farch=riscv64&distroversion=v3.22&reponame=community
aliases CVE-2017-8372
risk_score 0.8
exploitability 0.5
weighted_severity 1.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fz8c-d5p7-4bg4
1
url VCID-kjbg-h1r6-7bbe
vulnerability_id VCID-kjbg-h1r6-7bbe
summary The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8373
reference_id
reference_type
scores
0
value 0.00342
scoring_system epss
scoring_elements 0.57159
published_at 2026-06-06T12:55:00Z
1
value 0.00342
scoring_system epss
scoring_elements 0.5715
published_at 2026-06-09T12:55:00Z
2
value 0.00342
scoring_system epss
scoring_elements 0.57151
published_at 2026-06-05T12:55:00Z
3
value 0.00342
scoring_system epss
scoring_elements 0.57099
published_at 2026-06-04T12:55:00Z
4
value 0.00342
scoring_system epss
scoring_elements 0.57147
published_at 2026-06-07T12:55:00Z
5
value 0.00342
scoring_system epss
scoring_elements 0.57132
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8373
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8372
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8373
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8374
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287519
reference_id 287519
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287519
fixed_packages
0
url pkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libmad@0.15.1b-r9%3Farch=riscv64&distroversion=v3.22&reponame=community
aliases CVE-2017-8373
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kjbg-h1r6-7bbe
2
url VCID-msng-1e9j-8qav
vulnerability_id VCID-msng-1e9j-8qav
summary mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-11552
reference_id
reference_type
scores
0
value 0.0875
scoring_system epss
scoring_elements 0.92654
published_at 2026-06-04T12:55:00Z
1
value 0.0875
scoring_system epss
scoring_elements 0.92666
published_at 2026-06-05T12:55:00Z
2
value 0.0875
scoring_system epss
scoring_elements 0.92663
published_at 2026-06-06T12:55:00Z
3
value 0.0875
scoring_system epss
scoring_elements 0.92658
published_at 2026-06-07T12:55:00Z
4
value 0.0875
scoring_system epss
scoring_elements 0.92656
published_at 2026-06-08T12:55:00Z
5
value 0.0875
scoring_system epss
scoring_elements 0.92674
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-11552
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11552
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11552
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870406
reference_id 870406
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870406
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42409.txt
reference_id CVE-2017-11552
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42409.txt
fixed_packages
0
url pkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libmad@0.15.1b-r9%3Farch=riscv64&distroversion=v3.22&reponame=community
aliases CVE-2017-11552
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-msng-1e9j-8qav
3
url VCID-ut89-5ny1-5ya5
vulnerability_id VCID-ut89-5ny1-5ya5
summary The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8374
reference_id
reference_type
scores
0
value 0.00208
scoring_system epss
scoring_elements 0.43226
published_at 2026-06-04T12:55:00Z
1
value 0.00208
scoring_system epss
scoring_elements 0.43299
published_at 2026-06-05T12:55:00Z
2
value 0.00208
scoring_system epss
scoring_elements 0.43308
published_at 2026-06-06T12:55:00Z
3
value 0.00208
scoring_system epss
scoring_elements 0.43284
published_at 2026-06-07T12:55:00Z
4
value 0.00208
scoring_system epss
scoring_elements 0.4325
published_at 2026-06-08T12:55:00Z
5
value 0.00208
scoring_system epss
scoring_elements 0.43259
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8374
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8372
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8373
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8374
fixed_packages
0
url pkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libmad@0.15.1b-r9%3Farch=riscv64&distroversion=v3.22&reponame=community
aliases CVE-2017-8374
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ut89-5ny1-5ya5
4
url VCID-w7mu-88g6-b3hm
vulnerability_id VCID-w7mu-88g6-b3hm
summary libmad: Double-free in the mad_decoder_run() function
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7263.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7263.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7263
reference_id
reference_type
scores
0
value 0.00503
scoring_system epss
scoring_elements 0.66452
published_at 2026-06-04T12:55:00Z
1
value 0.00503
scoring_system epss
scoring_elements 0.66493
published_at 2026-06-05T12:55:00Z
2
value 0.00503
scoring_system epss
scoring_elements 0.66501
published_at 2026-06-06T12:55:00Z
3
value 0.00503
scoring_system epss
scoring_elements 0.66485
published_at 2026-06-07T12:55:00Z
4
value 0.00503
scoring_system epss
scoring_elements 0.66471
published_at 2026-06-08T12:55:00Z
5
value 0.00503
scoring_system epss
scoring_elements 0.66488
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7263
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1547504
reference_id 1547504
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1547504
3
reference_url https://access.redhat.com/errata/RHSA-2020:1631
reference_id RHSA-2020:1631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1631
fixed_packages
0
url pkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libmad@0.15.1b-r9?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libmad@0.15.1b-r9%3Farch=riscv64&distroversion=v3.22&reponame=community
aliases CVE-2018-7263
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w7mu-88g6-b3hm
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/libmad@0.15.1b-r9%3Farch=riscv64&distroversion=v3.22&reponame=community