Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/ruby@2.7.3-r0?arch=aarch64&distroversion=v3.23&reponame=main
Typeapk
Namespacealpine
Nameruby
Version2.7.3-r0
Qualifiers
arch aarch64
distroversion v3.23
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.7.4-r0
Latest_non_vulnerable_version3.4.9-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-etxg-4ytj-1kee
vulnerability_id VCID-etxg-4ytj-1kee
summary 
Path traversal in Tempfile on Windows
There is an unintentional directory creation vulnerability in tmpdir library
bundled with Ruby on Windows. And there is also an unintentional file
creation vulnerability in tempfile library bundled with Ruby on Windows,
because it uses tmpdir internally.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-28966
reference_id
reference_type
scores
0
value 0.00247
scoring_system epss
scoring_elements 0.4826
published_at 2026-06-05T12:55:00Z
1
value 0.00247
scoring_system epss
scoring_elements 0.48229
published_at 2026-06-09T12:55:00Z
2
value 0.00247
scoring_system epss
scoring_elements 0.48216
published_at 2026-06-08T12:55:00Z
3
value 0.00247
scoring_system epss
scoring_elements 0.48245
published_at 2026-06-07T12:55:00Z
4
value 0.00247
scoring_system epss
scoring_elements 0.48197
published_at 2026-06-04T12:55:00Z
5
value 0.00247
scoring_system epss
scoring_elements 0.48264
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-28966
1
reference_url https://github.com/ruby/tmpdir
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/tmpdir
2
reference_url https://github.com/ruby/tmpdir/commit/93798c01cb7c10476e50a4d80130a329ba47f348
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/tmpdir/commit/93798c01cb7c10476e50a4d80130a329ba47f348
3
reference_url https://github.com/ruby/tmpdir/pull/8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/tmpdir/pull/8
4
reference_url https://hackerone.com/reports/1131465
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/1131465
5
reference_url https://rubygems.org/gems/tmpdir
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rubygems.org/gems/tmpdir
6
reference_url https://security.netapp.com/advisory/ntap-20210902-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210902-0004
7
reference_url https://security.netapp.com/advisory/ntap-20210902-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210902-0004/
8
reference_url https://www.ruby-lang.org/en/news/2021/04/05/tempfile-path-traversal-on-windows-cve-2021-28966
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2021/04/05/tempfile-path-traversal-on-windows-cve-2021-28966
9
reference_url https://www.ruby-lang.org/en/news/2021/04/05/tempfile-path-traversal-on-windows-cve-2021-28966/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2021/04/05/tempfile-path-traversal-on-windows-cve-2021-28966/
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-28966
reference_id CVE-2021-28966
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-28966
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/tmpdir/CVE-2021-28966.yml
reference_id CVE-2021-28966.YML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/tmpdir/CVE-2021-28966.yml
12
reference_url https://github.com/advisories/GHSA-46f2-3v63-3xrp
reference_id GHSA-46f2-3v63-3xrp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-46f2-3v63-3xrp
fixed_packages
0
url pkg:apk/alpine/ruby@2.7.3-r0?arch=aarch64&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/ruby@2.7.3-r0?arch=aarch64&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ruby@2.7.3-r0%3Farch=aarch64&distroversion=v3.23&reponame=main
aliases CVE-2021-28966, GHSA-46f2-3v63-3xrp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-etxg-4ytj-1kee
1
url VCID-upuq-4pxh-8ueh
vulnerability_id VCID-upuq-4pxh-8ueh
summary incorrect calculation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28965.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28965.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-28965
reference_id
reference_type
scores
0
value 0.00576
scoring_system epss
scoring_elements 0.69203
published_at 2026-06-09T12:55:00Z
1
value 0.00576
scoring_system epss
scoring_elements 0.69185
published_at 2026-06-08T12:55:00Z
2
value 0.00576
scoring_system epss
scoring_elements 0.6916
published_at 2026-06-04T12:55:00Z
3
value 0.00576
scoring_system epss
scoring_elements 0.69208
published_at 2026-06-06T12:55:00Z
4
value 0.00576
scoring_system epss
scoring_elements 0.69199
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-28965
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/ruby/rexml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/rexml
10
reference_url https://github.com/ruby/rexml/commit/2fe62e29094d95921d7e19abbd2e26b23d78dc5b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/rexml/commit/2fe62e29094d95921d7e19abbd2e26b23d78dc5b
11
reference_url https://github.com/ruby/rexml/commit/3c137eb119550874b2b3e27d12b733ca67033377
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/rexml/commit/3c137eb119550874b2b3e27d12b733ca67033377
12
reference_url https://github.com/ruby/rexml/commit/6a250d2cd1194c2be72becbdd9c3e770aa16e752
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/rexml/commit/6a250d2cd1194c2be72becbdd9c3e770aa16e752
13
reference_url https://github.com/ruby/rexml/commit/9b311e59ae05749e082eb6bbefa1cb620d1a786e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/rexml/commit/9b311e59ae05749e082eb6bbefa1cb620d1a786e
14
reference_url https://github.com/ruby/rexml/commit/a659c63e37414506dfb0d4655e031bb7a2e73fc8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/rexml/commit/a659c63e37414506dfb0d4655e031bb7a2e73fc8
15
reference_url https://github.com/ruby/rexml/commit/f7bab8937513b1403cea5aff874cbf32fd5e8551
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/rexml/commit/f7bab8937513b1403cea5aff874cbf32fd5e8551
16
reference_url https://github.com/ruby/rexml/commit/f9d88e4948b4a43294c25dc0edb16815bd9d8618
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/rexml/commit/f9d88e4948b4a43294c25dc0edb16815bd9d8618
17
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rexml/CVE-2021-28965.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rexml/CVE-2021-28965.yml
18
reference_url https://hackerone.com/reports/1104077
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/1104077
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVFTLFVCSUE5CXHINJEUCKSHU4SWDMT
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVFTLFVCSUE5CXHINJEUCKSHU4SWDMT
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVFTLFVCSUE5CXHINJEUCKSHU4SWDMT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVFTLFVCSUE5CXHINJEUCKSHU4SWDMT/
21
reference_url https://rubygems.org/gems/rexml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rubygems.org/gems/rexml
22
reference_url https://security.netapp.com/advisory/ntap-20210528-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210528-0003
23
reference_url https://security.netapp.com/advisory/ntap-20210528-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210528-0003/
24
reference_url https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965
25
reference_url https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1947526
reference_id 1947526
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1947526
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986807
reference_id 986807
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986807
28
reference_url https://security.archlinux.org/ASA-202104-1
reference_id ASA-202104-1
reference_type
scores
url https://security.archlinux.org/ASA-202104-1
29
reference_url https://security.archlinux.org/AVG-1788
reference_id AVG-1788
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1788
30
reference_url https://security.archlinux.org/AVG-1789
reference_id AVG-1789
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1789
31
reference_url https://security.archlinux.org/AVG-1822
reference_id AVG-1822
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1822
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-28965
reference_id CVE-2021-28965
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-28965
33
reference_url https://github.com/advisories/GHSA-8cr8-4vfw-mr7h
reference_id GHSA-8cr8-4vfw-mr7h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8cr8-4vfw-mr7h
34
reference_url https://access.redhat.com/errata/RHSA-2021:2104
reference_id RHSA-2021:2104
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2104
35
reference_url https://access.redhat.com/errata/RHSA-2021:2229
reference_id RHSA-2021:2229
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2229
36
reference_url https://access.redhat.com/errata/RHSA-2021:2230
reference_id RHSA-2021:2230
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2230
37
reference_url https://access.redhat.com/errata/RHSA-2021:2584
reference_id RHSA-2021:2584
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2584
38
reference_url https://access.redhat.com/errata/RHSA-2021:2587
reference_id RHSA-2021:2587
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2587
39
reference_url https://access.redhat.com/errata/RHSA-2021:2588
reference_id RHSA-2021:2588
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2588
40
reference_url https://access.redhat.com/errata/RHSA-2022:0581
reference_id RHSA-2022:0581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0581
41
reference_url https://access.redhat.com/errata/RHSA-2022:0582
reference_id RHSA-2022:0582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0582
42
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
43
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
44
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
45
reference_url https://usn.ubuntu.com/4922-1/
reference_id USN-4922-1
reference_type
scores
url https://usn.ubuntu.com/4922-1/
46
reference_url https://usn.ubuntu.com/4922-2/
reference_id USN-4922-2
reference_type
scores
url https://usn.ubuntu.com/4922-2/
fixed_packages
0
url pkg:apk/alpine/ruby@2.7.3-r0?arch=aarch64&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/ruby@2.7.3-r0?arch=aarch64&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ruby@2.7.3-r0%3Farch=aarch64&distroversion=v3.23&reponame=main
aliases CVE-2021-28965, GHSA-8cr8-4vfw-mr7h
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-upuq-4pxh-8ueh
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/ruby@2.7.3-r0%3Farch=aarch64&distroversion=v3.23&reponame=main