Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/serve@6.4.3
Typenpm
Namespace
Nameserve
Version6.4.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.1.2
Latest_non_vulnerable_version10.1.2
Affected_by_vulnerabilities
0
url VCID-b1jn-wqse-wqdk
vulnerability_id VCID-b1jn-wqse-wqdk
summary Path Traversal in serve
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-5415
reference_id
reference_type
scores
0
value 0.00318
scoring_system epss
scoring_elements 0.55312
published_at 2026-06-11T12:55:00Z
1
value 0.00318
scoring_system epss
scoring_elements 0.55436
published_at 2026-06-14T12:55:00Z
2
value 0.00318
scoring_system epss
scoring_elements 0.55449
published_at 2026-06-13T12:55:00Z
3
value 0.00318
scoring_system epss
scoring_elements 0.55434
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-5415
1
reference_url https://hackerone.com/reports/330724
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/330724
2
reference_url https://www.npmjs.com/advisories/1010
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/1010
3
reference_url https://github.com/nodejs/security-wg/blob/main/vuln/npm/515.json
reference_id 515
reference_type
scores
0
value 9.3
scoring_system cvssv3
scoring_elements
url https://github.com/nodejs/security-wg/blob/main/vuln/npm/515.json
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-5415
reference_id CVE-2019-5415
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-5415
5
reference_url https://github.com/advisories/GHSA-v588-qcp3-jv46
reference_id GHSA-v588-qcp3-jv46
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-v588-qcp3-jv46
fixed_packages
0
url pkg:npm/serve@7.0.0
purl pkg:npm/serve@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gsha-1uc8-9fdb
1
vulnerability VCID-r6cv-1gqj-27dv
2
vulnerability VCID-y2zp-h76y-kkcj
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/serve@7.0.0
aliases CVE-2019-5415, GHSA-v588-qcp3-jv46
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b1jn-wqse-wqdk
1
url VCID-fagg-e2tb-zygy
vulnerability_id VCID-fagg-e2tb-zygy
summary Directory Traversal in serve
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-3712
reference_id
reference_type
scores
0
value 0.00678
scoring_system epss
scoring_elements 0.7211
published_at 2026-06-12T12:55:00Z
1
value 0.00678
scoring_system epss
scoring_elements 0.72025
published_at 2026-06-11T12:55:00Z
2
value 0.00678
scoring_system epss
scoring_elements 0.72117
published_at 2026-06-14T12:55:00Z
3
value 0.00678
scoring_system epss
scoring_elements 0.72122
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-3712
1
reference_url https://github.com/vercel/serve
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/vercel/serve
2
reference_url https://github.com/vercel/serve/commit/6adad6881c61991da61ebc857857c53409544575
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/vercel/serve/commit/6adad6881c61991da61ebc857857c53409544575
3
reference_url https://github.com/zeit/serve/pull/316
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/zeit/serve/pull/316
4
reference_url https://hackerone.com/reports/307666
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3
scoring_elements
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/307666
5
reference_url https://github.com/nodejs/security-wg/blob/main/vuln/npm/363.json
reference_id 363
reference_type
scores
0
value 9.3
scoring_system cvssv3
scoring_elements
url https://github.com/nodejs/security-wg/blob/main/vuln/npm/363.json
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-3712
reference_id CVE-2018-3712
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-3712
7
reference_url https://github.com/advisories/GHSA-q2qh-cgc2-qhr3
reference_id GHSA-q2qh-cgc2-qhr3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q2qh-cgc2-qhr3
fixed_packages
0
url pkg:npm/serve@6.4.9
purl pkg:npm/serve@6.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-b1jn-wqse-wqdk
1
vulnerability VCID-gsha-1uc8-9fdb
2
vulnerability VCID-r6cv-1gqj-27dv
3
vulnerability VCID-t7uu-35ze-3uas
4
vulnerability VCID-xkwm-jspu-77be
5
vulnerability VCID-y2zp-h76y-kkcj
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/serve@6.4.9
aliases CVE-2018-3712, GHSA-q2qh-cgc2-qhr3
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fagg-e2tb-zygy
2
url VCID-gsha-1uc8-9fdb
vulnerability_id VCID-gsha-1uc8-9fdb
summary Cross-Site Scripting in serve
references
0
reference_url https://hackerone.com/reports/398285
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/398285
1
reference_url https://www.npmjs.com/advisories/992
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/992
2
reference_url https://github.com/advisories/GHSA-cpgr-wmr9-qxv4
reference_id GHSA-cpgr-wmr9-qxv4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cpgr-wmr9-qxv4
fixed_packages
0
url pkg:npm/serve@10.0.2
purl pkg:npm/serve@10.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6cv-1gqj-27dv
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/serve@10.0.2
aliases GHSA-cpgr-wmr9-qxv4, GMS-2020-774
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gsha-1uc8-9fdb
3
url VCID-r6cv-1gqj-27dv
vulnerability_id VCID-r6cv-1gqj-27dv
summary Path Traversal in serve
references
0
reference_url https://hackerone.com/reports/486933
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/486933
1
reference_url https://www.npmjs.com/advisories/965
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/965
2
reference_url https://github.com/advisories/GHSA-48gc-5j93-5cfq
reference_id GHSA-48gc-5j93-5cfq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-48gc-5j93-5cfq
fixed_packages
0
url pkg:npm/serve@10.1.2
purl pkg:npm/serve@10.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/serve@10.1.2
aliases GHSA-48gc-5j93-5cfq, GMS-2020-773
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r6cv-1gqj-27dv
4
url VCID-t7uu-35ze-3uas
vulnerability_id VCID-t7uu-35ze-3uas
summary Byass due to validation before canonicalization in serve
references
0
reference_url https://hackerone.com/reports/308721
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/308721
1
reference_url https://www.npmjs.com/advisories/594
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/594
2
reference_url https://github.com/advisories/GHSA-wm7q-rxch-43mx
reference_id GHSA-wm7q-rxch-43mx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wm7q-rxch-43mx
fixed_packages
0
url pkg:npm/serve@6.5.2
purl pkg:npm/serve@6.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-b1jn-wqse-wqdk
1
vulnerability VCID-gsha-1uc8-9fdb
2
vulnerability VCID-r6cv-1gqj-27dv
3
vulnerability VCID-y2zp-h76y-kkcj
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/serve@6.5.2
aliases GHSA-wm7q-rxch-43mx, GMS-2020-775
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t7uu-35ze-3uas
5
url VCID-xkwm-jspu-77be
vulnerability_id VCID-xkwm-jspu-77be
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-3718
reference_id
reference_type
scores
0
value 0.00243
scoring_system epss
scoring_elements 0.47775
published_at 2026-06-11T12:55:00Z
1
value 0.00243
scoring_system epss
scoring_elements 0.47916
published_at 2026-06-14T12:55:00Z
2
value 0.00243
scoring_system epss
scoring_elements 0.47932
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-3718
1
reference_url https://github.com/vercel/serve
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/vercel/serve
2
reference_url https://hackerone.com/reports/308721
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3
scoring_elements
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/308721
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-3718
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-3718
4
reference_url https://github.com/nodejs/security-wg/blob/main/vuln/npm/389.json
reference_id 389
reference_type
scores
0
value 9.3
scoring_system cvssv3
scoring_elements
url https://github.com/nodejs/security-wg/blob/main/vuln/npm/389.json
5
reference_url https://github.com/advisories/GHSA-5rc4-8qqh-vq7f
reference_id GHSA-5rc4-8qqh-vq7f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5rc4-8qqh-vq7f
fixed_packages
0
url pkg:npm/serve@6.5.2
purl pkg:npm/serve@6.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-b1jn-wqse-wqdk
1
vulnerability VCID-gsha-1uc8-9fdb
2
vulnerability VCID-r6cv-1gqj-27dv
3
vulnerability VCID-y2zp-h76y-kkcj
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/serve@6.5.2
aliases CVE-2018-3718, GHSA-5rc4-8qqh-vq7f
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xkwm-jspu-77be
6
url VCID-y2zp-h76y-kkcj
vulnerability_id VCID-y2zp-h76y-kkcj
summary Cross-Site Scripting in serve
references
0
reference_url https://github.com/zeit/serve-handler
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/zeit/serve-handler
1
reference_url https://github.com/zeit/serve-handler/commit/65b4d4183a31a8076c78c40118acb0ca1b64f620
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/zeit/serve-handler/commit/65b4d4183a31a8076c78c40118acb0ca1b64f620
2
reference_url https://hackerone.com/reports/358641
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/358641
3
reference_url https://hackerone.com/reports/398285
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/398285
4
reference_url https://www.npmjs.com/advisories/971
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/971
5
reference_url https://github.com/advisories/GHSA-xw79-hhv6-578c
reference_id GHSA-xw79-hhv6-578c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xw79-hhv6-578c
fixed_packages
0
url pkg:npm/serve@10.0.2
purl pkg:npm/serve@10.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6cv-1gqj-27dv
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/serve@10.0.2
aliases GHSA-xw79-hhv6-578c, GMS-2020-776
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y2zp-h76y-kkcj
Fixing_vulnerabilities
Risk_score4.2
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/serve@6.4.3