Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/exim@4.96.1-r0?arch=x86&distroversion=v3.21&reponame=community
Type apk
Namespace alpine
Name exim
Version 4.96.1-r0
Qualifiers
arch x86
distroversion v3.21
reponame community
Subpath
Is_vulnerable false
Next_non_vulnerable_version 4.96.2-r0
Latest_non_vulnerable_version 4.98.2-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2n9w-rkyw-pfda
vulnerability_id VCID-2n9w-rkyw-pfda
summary Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17515.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42116.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42116.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-42116
reference_id
reference_type
scores
0
value 0.06734
scoring_system epss
scoring_elements 0.91464
published_at 2026-06-09T12:55:00Z
1
value 0.06734
scoring_system epss
scoring_elements 0.91453
published_at 2026-06-07T12:55:00Z
2
value 0.06734
scoring_system epss
scoring_elements 0.9145
published_at 2026-06-08T12:55:00Z
3
value 0.06734
scoring_system epss
scoring_elements 0.91454
published_at 2026-06-05T12:55:00Z
4
value 0.06734
scoring_system epss
scoring_elements 0.91456
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-42116
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2241528
reference_id 2241528
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2241528
6
reference_url https://security.gentoo.org/glsa/202402-18
reference_id GLSA-202402-18
reference_type
scores
url https://security.gentoo.org/glsa/202402-18
7
reference_url https://usn.ubuntu.com/6411-1/
reference_id USN-6411-1
reference_type
scores
url https://usn.ubuntu.com/6411-1/
8
reference_url https://www.zerodayinitiative.com/advisories/ZDI-23-1470/
reference_id ZDI-23-1470
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T15:02:42Z/
url https://www.zerodayinitiative.com/advisories/ZDI-23-1470/
fixed_packages
0
url pkg:apk/alpine/exim@4.96.1-r0?arch=x86&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/exim@4.96.1-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exim@4.96.1-r0%3Farch=x86&distroversion=v3.21&reponame=community
aliases CVE-2023-42116
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2n9w-rkyw-pfda
1
url VCID-qnj2-skmg-jyct
vulnerability_id VCID-qnj2-skmg-jyct
summary Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17434.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42115.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42115.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-42115
reference_id
reference_type
scores
0
value 0.65812
scoring_system epss
scoring_elements 0.98525
published_at 2026-06-09T12:55:00Z
1
value 0.65812
scoring_system epss
scoring_elements 0.98526
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-42115
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2241525
reference_id 2241525
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2241525
6
reference_url https://security.gentoo.org/glsa/202402-18
reference_id GLSA-202402-18
reference_type
scores
url https://security.gentoo.org/glsa/202402-18
7
reference_url https://usn.ubuntu.com/6411-1/
reference_id USN-6411-1
reference_type
scores
url https://usn.ubuntu.com/6411-1/
8
reference_url https://www.zerodayinitiative.com/advisories/ZDI-23-1469/
reference_id ZDI-23-1469
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-09-20T19:32:20Z/
url https://www.zerodayinitiative.com/advisories/ZDI-23-1469/
fixed_packages
0
url pkg:apk/alpine/exim@4.96.1-r0?arch=x86&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/exim@4.96.1-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exim@4.96.1-r0%3Farch=x86&distroversion=v3.21&reponame=community
aliases CVE-2023-42115
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qnj2-skmg-jyct
2
url VCID-x3kg-j8ew-zkay
vulnerability_id VCID-x3kg-j8ew-zkay
summary Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-17433.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42114.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42114.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-42114
reference_id
reference_type
scores
0
value 0.13895
scoring_system epss
scoring_elements 0.9446
published_at 2026-06-09T12:55:00Z
1
value 0.13895
scoring_system epss
scoring_elements 0.94455
published_at 2026-06-07T12:55:00Z
2
value 0.13895
scoring_system epss
scoring_elements 0.94456
published_at 2026-06-08T12:55:00Z
3
value 0.13895
scoring_system epss
scoring_elements 0.94451
published_at 2026-06-05T12:55:00Z
4
value 0.13895
scoring_system epss
scoring_elements 0.94453
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-42114
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2241538
reference_id 2241538
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2241538
6
reference_url https://security.gentoo.org/glsa/202402-18
reference_id GLSA-202402-18
reference_type
scores
url https://security.gentoo.org/glsa/202402-18
7
reference_url https://usn.ubuntu.com/6411-1/
reference_id USN-6411-1
reference_type
scores
url https://usn.ubuntu.com/6411-1/
8
reference_url https://www.zerodayinitiative.com/advisories/ZDI-23-1468/
reference_id ZDI-23-1468
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-03T17:07:34Z/
url https://www.zerodayinitiative.com/advisories/ZDI-23-1468/
fixed_packages
0
url pkg:apk/alpine/exim@4.96.1-r0?arch=x86&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/exim@4.96.1-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exim@4.96.1-r0%3Farch=x86&distroversion=v3.21&reponame=community
aliases CVE-2023-42114
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x3kg-j8ew-zkay
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exim@4.96.1-r0%3Farch=x86&distroversion=v3.21&reponame=community