Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/python2@2.7.16-r3?arch=aarch64&distroversion=v3.12&reponame=main
Typeapk
Namespacealpine
Namepython2
Version2.7.16-r3
Qualifiers
arch aarch64
distroversion v3.12
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.7.17-r0
Latest_non_vulnerable_version2.7.18-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-fwhj-bjfc-h3an
vulnerability_id VCID-fwhj-bjfc-h3an
summary An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16056.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16056.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-16056
reference_id
reference_type
scores
0
value 0.00894
scoring_system epss
scoring_elements 0.75957
published_at 2026-06-04T12:55:00Z
1
value 0.00894
scoring_system epss
scoring_elements 0.75982
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-16056
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1749839
reference_id 1749839
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1749839
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940901
reference_id 940901
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940901
6
reference_url https://access.redhat.com/errata/RHSA-2019:3725
reference_id RHSA-2019:3725
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3725
7
reference_url https://access.redhat.com/errata/RHSA-2019:3948
reference_id RHSA-2019:3948
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3948
8
reference_url https://access.redhat.com/errata/RHSA-2020:1131
reference_id RHSA-2020:1131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1131
9
reference_url https://access.redhat.com/errata/RHSA-2020:1132
reference_id RHSA-2020:1132
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1132
10
reference_url https://access.redhat.com/errata/RHSA-2020:1605
reference_id RHSA-2020:1605
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1605
11
reference_url https://access.redhat.com/errata/RHSA-2020:1764
reference_id RHSA-2020:1764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1764
12
reference_url https://access.redhat.com/errata/RHSA-2020:2520
reference_id RHSA-2020:2520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2520
13
reference_url https://usn.ubuntu.com/4151-1/
reference_id USN-4151-1
reference_type
scores
url https://usn.ubuntu.com/4151-1/
14
reference_url https://usn.ubuntu.com/4151-2/
reference_id USN-4151-2
reference_type
scores
url https://usn.ubuntu.com/4151-2/
15
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
fixed_packages
0
url pkg:apk/alpine/python2@2.7.16-r3?arch=aarch64&distroversion=v3.12&reponame=main
purl pkg:apk/alpine/python2@2.7.16-r3?arch=aarch64&distroversion=v3.12&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/python2@2.7.16-r3%3Farch=aarch64&distroversion=v3.12&reponame=main
aliases CVE-2019-16056
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fwhj-bjfc-h3an
1
url VCID-ru8s-bq99-9bhd
vulnerability_id VCID-ru8s-bq99-9bhd
summary The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-16935
reference_id
reference_type
scores
0
value 0.02456
scoring_system epss
scoring_elements 0.85499
published_at 2026-06-04T12:55:00Z
1
value 0.02456
scoring_system epss
scoring_elements 0.85523
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-16935
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149
reference_id 1027149
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1763229
reference_id 1763229
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1763229
6
reference_url https://access.redhat.com/errata/RHSA-2020:1605
reference_id RHSA-2020:1605
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1605
7
reference_url https://access.redhat.com/errata/RHSA-2020:3888
reference_id RHSA-2020:3888
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3888
8
reference_url https://access.redhat.com/errata/RHSA-2020:3911
reference_id RHSA-2020:3911
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3911
9
reference_url https://access.redhat.com/errata/RHSA-2020:4285
reference_id RHSA-2020:4285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4285
10
reference_url https://access.redhat.com/errata/RHSA-2020:4433
reference_id RHSA-2020:4433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4433
11
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
12
reference_url https://usn.ubuntu.com/4151-1/
reference_id USN-4151-1
reference_type
scores
url https://usn.ubuntu.com/4151-1/
13
reference_url https://usn.ubuntu.com/4151-2/
reference_id USN-4151-2
reference_type
scores
url https://usn.ubuntu.com/4151-2/
14
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
fixed_packages
0
url pkg:apk/alpine/python2@2.7.16-r3?arch=aarch64&distroversion=v3.12&reponame=main
purl pkg:apk/alpine/python2@2.7.16-r3?arch=aarch64&distroversion=v3.12&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/python2@2.7.16-r3%3Farch=aarch64&distroversion=v3.12&reponame=main
aliases CVE-2019-16935
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ru8s-bq99-9bhd
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/python2@2.7.16-r3%3Farch=aarch64&distroversion=v3.12&reponame=main