Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:gem/sprockets@3.3.5

Type gem

Namespace

Name sprockets

Version 3.3.5

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 3.7.2

Latest_non_vulnerable_version 4.0.0.beta8

Affected_by_vulnerabilities

url VCID-773n-as9y-rkhu

vulnerability_id VCID-773n-as9y-rkhu

summary

references

reference_url

https://access.redhat.com/errata/RHSA-2018:2244

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2244

reference_url

https://access.redhat.com/errata/RHSA-2018:2245

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2245

reference_url

https://access.redhat.com/errata/RHSA-2018:2561

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2561

reference_url

https://access.redhat.com/errata/RHSA-2018:2745

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2745

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3760.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3760.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-3760

reference_id

reference_type

scores

value	0.93887
scoring_system	epss
scoring_elements	0.99883
published_at	2026-06-12T12:55:00Z

value	0.93887
scoring_system	epss
scoring_elements	0.99882
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-3760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3760

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/rails/sprockets

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rails/sprockets

reference_url

https://github.com/rails/sprockets/commit/18b8a7f07a50c245e9aee7854ecdbe606bbd8bb5

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rails/sprockets/commit/18b8a7f07a50c245e9aee7854ecdbe606bbd8bb5

reference_url

https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441

reference_url

https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5f

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5f

reference_url

https://groups.google.com/d/msg/rubyonrails-security/ft_J--l55fM/7roDfQ50BwAJ

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/d/msg/rubyonrails-security/ft_J--l55fM/7roDfQ50BwAJ

reference_url

https://groups.google.com/forum/#!topic/ruby-security-ann/2S9Pwz2i16k

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements

url

https://groups.google.com/forum/#!topic/ruby-security-ann/2S9Pwz2i16k

reference_url	https://groups.google.com/g/ruby-security-ann/c/2S9Pwz2i16k
reference_id
reference_type
scores
url	https://groups.google.com/g/ruby-security-ann/c/2S9Pwz2i16k

reference_url

https://www.debian.org/security/2018/dsa-4242

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2018/dsa-4242

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1593058
reference_id	1593058
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1593058

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901913
reference_id	901913
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901913

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-3760

reference_id

CVE-2018-3760

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-3760

reference_url

https://github.com/advisories/GHSA-pr3h-jjhj-573x

reference_id

GHSA-pr3h-jjhj-573x

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-pr3h-jjhj-573x

fixed_packages

url	pkg:gem/sprockets@3.7.2
purl	pkg:gem/sprockets@3.7.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@3.7.2

url	pkg:gem/sprockets@4.0.0.beta8
purl	pkg:gem/sprockets@4.0.0.beta8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@4.0.0.beta8

aliases CVE-2018-3760, GHSA-pr3h-jjhj-573x

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-773n-as9y-rkhu

Fixing_vulnerabilities

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@3.3.5

Package Instance