Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
Typeapk
Namespacealpine
Namecacti
Version1.2.26-r0
Qualifiers
arch aarch64
distroversion edge
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.2.27-r0
Latest_non_vulnerable_version1.2.29-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-8max-2avj-hkdt
vulnerability_id VCID-8max-2avj-hkdt
summary Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `‘managers.php’`. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTTP GET request to the endpoint `‘/cacti/managers.php’` with an SQLi payload in the `‘selected_graphs_array’` HTTP GET parameter. As of time of publication, no patched versions exist.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-51448
reference_id
reference_type
scores
0
value 0.32076
scoring_system epss
scoring_elements 0.96804
published_at 2026-04-02T12:55:00Z
1
value 0.32076
scoring_system epss
scoring_elements 0.96806
published_at 2026-04-04T12:55:00Z
2
value 0.32076
scoring_system epss
scoring_elements 0.96809
published_at 2026-04-07T12:55:00Z
3
value 0.32076
scoring_system epss
scoring_elements 0.96817
published_at 2026-04-08T12:55:00Z
4
value 0.32076
scoring_system epss
scoring_elements 0.96818
published_at 2026-04-09T12:55:00Z
5
value 0.32076
scoring_system epss
scoring_elements 0.9682
published_at 2026-04-11T12:55:00Z
6
value 0.32076
scoring_system epss
scoring_elements 0.96821
published_at 2026-04-12T12:55:00Z
7
value 0.32076
scoring_system epss
scoring_elements 0.96822
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-51448
fixed_packages
0
url pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2023-51448
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8max-2avj-hkdt
1
url VCID-ay5a-nkmf-5yar
vulnerability_id VCID-ay5a-nkmf-5yar
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-49086
reference_id
reference_type
scores
0
value 0.00949
scoring_system epss
scoring_elements 0.76305
published_at 2026-04-02T12:55:00Z
1
value 0.00949
scoring_system epss
scoring_elements 0.76335
published_at 2026-04-04T12:55:00Z
2
value 0.00949
scoring_system epss
scoring_elements 0.76314
published_at 2026-04-07T12:55:00Z
3
value 0.00949
scoring_system epss
scoring_elements 0.76347
published_at 2026-04-08T12:55:00Z
4
value 0.00949
scoring_system epss
scoring_elements 0.76361
published_at 2026-04-09T12:55:00Z
5
value 0.00949
scoring_system epss
scoring_elements 0.76387
published_at 2026-04-11T12:55:00Z
6
value 0.00949
scoring_system epss
scoring_elements 0.76365
published_at 2026-04-12T12:55:00Z
7
value 0.00949
scoring_system epss
scoring_elements 0.7636
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-49086
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254
reference_id 1059254
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254
fixed_packages
0
url pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2023-49086
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ay5a-nkmf-5yar
2
url VCID-d7db-n89n-qyd8
vulnerability_id VCID-d7db-n89n-qyd8
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-49084
reference_id
reference_type
scores
0
value 0.88341
scoring_system epss
scoring_elements 0.99488
published_at 2026-04-02T12:55:00Z
1
value 0.88341
scoring_system epss
scoring_elements 0.9949
published_at 2026-04-04T12:55:00Z
2
value 0.88341
scoring_system epss
scoring_elements 0.99492
published_at 2026-04-07T12:55:00Z
3
value 0.88341
scoring_system epss
scoring_elements 0.99493
published_at 2026-04-08T12:55:00Z
4
value 0.88341
scoring_system epss
scoring_elements 0.99494
published_at 2026-04-09T12:55:00Z
5
value 0.88341
scoring_system epss
scoring_elements 0.99495
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-49084
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254
reference_id 1059254
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254
fixed_packages
0
url pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2023-49084
risk_score 1.6
exploitability 2.0
weighted_severity 0.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d7db-n89n-qyd8
3
url VCID-h3qa-svy4-1fcr
vulnerability_id VCID-h3qa-svy4-1fcr
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-49085
reference_id
reference_type
scores
0
value 0.91404
scoring_system epss
scoring_elements 0.99656
published_at 2026-04-02T12:55:00Z
1
value 0.91404
scoring_system epss
scoring_elements 0.99658
published_at 2026-04-04T12:55:00Z
2
value 0.91404
scoring_system epss
scoring_elements 0.99659
published_at 2026-04-07T12:55:00Z
3
value 0.91404
scoring_system epss
scoring_elements 0.9966
published_at 2026-04-09T12:55:00Z
4
value 0.91404
scoring_system epss
scoring_elements 0.99661
published_at 2026-04-12T12:55:00Z
5
value 0.91404
scoring_system epss
scoring_elements 0.99662
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-49085
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
fixed_packages
0
url pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2023-49085
risk_score 1.6
exploitability 2.0
weighted_severity 0.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h3qa-svy4-1fcr
4
url VCID-mwbm-aphc-akgu
vulnerability_id VCID-mwbm-aphc-akgu
summary Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in `templates_import.php.` When uploading an xml template file, if the XML file does not pass the check, the server will give a JavaScript pop-up prompt, which contains unfiltered xml template file name, resulting in XSS. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. As of time of publication, no patched versions are available.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-50250
reference_id
reference_type
scores
0
value 0.02686
scoring_system epss
scoring_elements 0.85793
published_at 2026-04-02T12:55:00Z
1
value 0.02686
scoring_system epss
scoring_elements 0.85811
published_at 2026-04-04T12:55:00Z
2
value 0.03596
scoring_system epss
scoring_elements 0.87735
published_at 2026-04-07T12:55:00Z
3
value 0.03596
scoring_system epss
scoring_elements 0.87756
published_at 2026-04-08T12:55:00Z
4
value 0.03596
scoring_system epss
scoring_elements 0.87762
published_at 2026-04-09T12:55:00Z
5
value 0.03596
scoring_system epss
scoring_elements 0.87773
published_at 2026-04-11T12:55:00Z
6
value 0.03596
scoring_system epss
scoring_elements 0.87768
published_at 2026-04-12T12:55:00Z
7
value 0.03596
scoring_system epss
scoring_elements 0.87766
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-50250
fixed_packages
0
url pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2023-50250
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mwbm-aphc-akgu
5
url VCID-xkkm-ss3p-1udc
vulnerability_id VCID-xkkm-ss3p-1udc
summary SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46490
reference_id
reference_type
scores
0
value 0.00207
scoring_system epss
scoring_elements 0.43075
published_at 2026-04-13T12:55:00Z
1
value 0.00207
scoring_system epss
scoring_elements 0.43124
published_at 2026-04-11T12:55:00Z
2
value 0.00207
scoring_system epss
scoring_elements 0.43071
published_at 2026-04-02T12:55:00Z
3
value 0.00207
scoring_system epss
scoring_elements 0.43098
published_at 2026-04-04T12:55:00Z
4
value 0.00207
scoring_system epss
scoring_elements 0.43037
published_at 2026-04-07T12:55:00Z
5
value 0.00207
scoring_system epss
scoring_elements 0.4309
published_at 2026-04-12T12:55:00Z
6
value 0.00207
scoring_system epss
scoring_elements 0.43102
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46490
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46490
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46490
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059286
reference_id 1059286
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059286
3
reference_url https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53
reference_id a95632111138fcd7ccf7432ccb145b53
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T14:48:55Z/
url https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53
4
reference_url https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c
reference_id GHSA-f4r3-53jr-654c
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T14:48:55Z/
url https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c
fixed_packages
0
url pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2023-46490
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xkkm-ss3p-1udc
6
url VCID-zkmp-kgyq-tfeh
vulnerability_id VCID-zkmp-kgyq-tfeh
summary Rejected reason: DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2023-50250. Reason: This record is a reservation duplicate of CVE-2023-50250. Notes: All CVE users should reference CVE-2023-50250 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.
references
fixed_packages
0
url pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/cacti@1.2.26-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2023-50569
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkmp-kgyq-tfeh
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=aarch64&distroversion=edge&reponame=community