Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:conan/openexr@2.5.0

Type conan

Namespace

Name openexr

Version 2.5.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.4.0

Latest_non_vulnerable_version 2.5.2

Affected_by_vulnerabilities

url VCID-6tcg-kbbe-hkeg

vulnerability_id VCID-6tcg-kbbe-hkeg

summary denial of service

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20296

reference_id

reference_type

scores

value	0.01014
scoring_system	epss
scoring_elements	0.77443
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20296

reference_url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24854
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24854

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1939141
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1939141

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796
reference_id	986796
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796

reference_url

https://security.archlinux.org/AVG-1746

reference_id

AVG-1746

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1746

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-20296
reference_id	CVE-2021-20296
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-20296

reference_url	https://security.gentoo.org/glsa/202107-27
reference_id	GLSA-202107-27
reference_type
scores
url	https://security.gentoo.org/glsa/202107-27

reference_url	https://usn.ubuntu.com/4996-1/
reference_id	USN-4996-1
reference_type
scores
url	https://usn.ubuntu.com/4996-1/

reference_url	https://usn.ubuntu.com/4996-2/
reference_id	USN-4996-2
reference_type
scores
url	https://usn.ubuntu.com/4996-2/

reference_url	https://usn.ubuntu.com/USN-5620-1/
reference_id	USN-USN-5620-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5620-1/

fixed_packages

url	pkg:conan/openexr@2.5.4
purl	pkg:conan/openexr@2.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openexr@2.5.4

aliases CVE-2021-20296

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6tcg-kbbe-hkeg

url VCID-aamf-ffg7-3qgx

vulnerability_id VCID-aamf-ffg7-3qgx

summary denial of service

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3477

reference_id

reference_type

scores

value	0.00364
scoring_system	epss
scoring_elements	0.58747
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3477

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1939159
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1939159

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796
reference_id	986796
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796

reference_url

https://security.archlinux.org/AVG-1746

reference_id

AVG-1746

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1746

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3477
reference_id	CVE-2021-3477
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3477

reference_url	https://security.gentoo.org/glsa/202107-27
reference_id	GLSA-202107-27
reference_type
scores
url	https://security.gentoo.org/glsa/202107-27

reference_url	https://usn.ubuntu.com/4900-1/
reference_id	USN-4900-1
reference_type
scores
url	https://usn.ubuntu.com/4900-1/

fixed_packages

url	pkg:conan/openexr@2.5.4
purl	pkg:conan/openexr@2.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openexr@2.5.4

aliases CVE-2021-3477

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aamf-ffg7-3qgx

url VCID-eqvs-xr9s-eyey

vulnerability_id VCID-eqvs-xr9s-eyey

summary denial of service

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3474

reference_id

reference_type

scores

value	0.0101
scoring_system	epss
scoring_elements	0.7741
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3474

reference_url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24831
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24831

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1939142
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1939142

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796
reference_id	986796
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796

reference_url

https://security.archlinux.org/AVG-1746

reference_id

AVG-1746

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1746

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3474
reference_id	CVE-2021-3474
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3474

reference_url	https://security.gentoo.org/glsa/202107-27
reference_id	GLSA-202107-27
reference_type
scores
url	https://security.gentoo.org/glsa/202107-27

reference_url	https://usn.ubuntu.com/4900-1/
reference_id	USN-4900-1
reference_type
scores
url	https://usn.ubuntu.com/4900-1/

fixed_packages

url	pkg:conan/openexr@2.5.4
purl	pkg:conan/openexr@2.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openexr@2.5.4

aliases CVE-2021-3474

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eqvs-xr9s-eyey

url VCID-qfv1-3b1k-vbcg

vulnerability_id VCID-qfv1-3b1k-vbcg

summary denial of service

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3476

reference_id

reference_type

scores

value	0.0101
scoring_system	epss
scoring_elements	0.7741
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3476

reference_url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24787
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24787

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1939145
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1939145

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796
reference_id	986796
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796

reference_url

https://security.archlinux.org/AVG-1746

reference_id

AVG-1746

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1746

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3476
reference_id	CVE-2021-3476
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3476

reference_url	https://security.gentoo.org/glsa/202107-27
reference_id	GLSA-202107-27
reference_type
scores
url	https://security.gentoo.org/glsa/202107-27

reference_url	https://usn.ubuntu.com/4900-1/
reference_id	USN-4900-1
reference_type
scores
url	https://usn.ubuntu.com/4900-1/

fixed_packages

url	pkg:conan/openexr@2.5.4
purl	pkg:conan/openexr@2.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openexr@2.5.4

aliases CVE-2021-3476

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qfv1-3b1k-vbcg

url VCID-r7j4-kqnb-tuax

vulnerability_id VCID-r7j4-kqnb-tuax

summary denial of service

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3475

reference_id

reference_type

scores

value	0.01016
scoring_system	epss
scoring_elements	0.77472
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3475

reference_url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1939144
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1939144

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796
reference_id	986796
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796

reference_url

https://security.archlinux.org/AVG-1746

reference_id

AVG-1746

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1746

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3475
reference_id	CVE-2021-3475
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3475

reference_url	https://security.gentoo.org/glsa/202107-27
reference_id	GLSA-202107-27
reference_type
scores
url	https://security.gentoo.org/glsa/202107-27

reference_url	https://usn.ubuntu.com/4900-1/
reference_id	USN-4900-1
reference_type
scores
url	https://usn.ubuntu.com/4900-1/

fixed_packages

url	pkg:conan/openexr@2.5.4
purl	pkg:conan/openexr@2.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openexr@2.5.4

aliases CVE-2021-3475

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7j4-kqnb-tuax

url VCID-th58-xvkx-q7h8

vulnerability_id VCID-th58-xvkx-q7h8

summary denial of service

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3478

reference_id

reference_type

scores

value	0.00364
scoring_system	epss
scoring_elements	0.58747
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3478

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1939160
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1939160

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796
reference_id	986796
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796

reference_url

https://security.archlinux.org/AVG-1746

reference_id

AVG-1746

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1746

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3478
reference_id	CVE-2021-3478
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3478

reference_url	https://security.gentoo.org/glsa/202107-27
reference_id	GLSA-202107-27
reference_type
scores
url	https://security.gentoo.org/glsa/202107-27

reference_url	https://usn.ubuntu.com/4900-1/
reference_id	USN-4900-1
reference_type
scores
url	https://usn.ubuntu.com/4900-1/

fixed_packages

url	pkg:conan/openexr@2.5.4
purl	pkg:conan/openexr@2.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openexr@2.5.4

aliases CVE-2021-3478

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-th58-xvkx-q7h8

url VCID-tsz8-juh2-13ew

vulnerability_id VCID-tsz8-juh2-13ew

summary denial of service

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3479

reference_id

reference_type

scores

value	0.0053
scoring_system	epss
scoring_elements	0.67522
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3479

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1939149
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1939149

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796
reference_id	986796
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986796

reference_url

https://security.archlinux.org/AVG-1746

reference_id

AVG-1746

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1746

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3479
reference_id	CVE-2021-3479
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3479

reference_url	https://security.gentoo.org/glsa/202107-27
reference_id	GLSA-202107-27
reference_type
scores
url	https://security.gentoo.org/glsa/202107-27

reference_url	https://usn.ubuntu.com/4900-1/
reference_id	USN-4900-1
reference_type
scores
url	https://usn.ubuntu.com/4900-1/

fixed_packages

url	pkg:conan/openexr@2.5.4
purl	pkg:conan/openexr@2.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openexr@2.5.4

aliases CVE-2021-3479

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tsz8-juh2-13ew

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openexr@2.5.0

Package Instance