Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/spice@0.12.8-r3?arch=armv7&distroversion=v3.9&reponame=main

Type apk

Namespace alpine

Name spice

Version 0.12.8-r3

Qualifiers

arch	armv7
distroversion	v3.9
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0.12.8-r4

Latest_non_vulnerable_version 0.14.1-r4

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-rz64-p338-4fg6

vulnerability_id VCID-rz64-p338-4fg6

summary A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9578.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9578.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9578

reference_id

reference_type

scores

value	0.03335
scoring_system	epss
scoring_elements	0.87519
published_at	2026-06-04T12:55:00Z

value	0.03335
scoring_system	epss
scoring_elements	0.8754
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9578

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9577
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9577

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9578
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9578

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1399566
reference_id	1399566
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1399566

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854336
reference_id	854336
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854336

reference_url	https://access.redhat.com/errata/RHSA-2017:0253
reference_id	RHSA-2017:0253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0253

reference_url	https://access.redhat.com/errata/RHSA-2017:0254
reference_id	RHSA-2017:0254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0254

reference_url	https://access.redhat.com/errata/RHSA-2017:0549
reference_id	RHSA-2017:0549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0549

reference_url	https://access.redhat.com/errata/RHSA-2017:0552
reference_id	RHSA-2017:0552
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0552

reference_url	https://usn.ubuntu.com/3202-1/
reference_id	USN-3202-1
reference_type
scores
url	https://usn.ubuntu.com/3202-1/

fixed_packages

url	pkg:apk/alpine/spice@0.12.8-r3?arch=armv7&distroversion=v3.9&reponame=main
purl	pkg:apk/alpine/spice@0.12.8-r3?arch=armv7&distroversion=v3.9&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/spice@0.12.8-r3%3Farch=armv7&distroversion=v3.9&reponame=main

aliases CVE-2016-9578

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rz64-p338-4fg6

url VCID-v3r8-sy2r-gfcw

vulnerability_id VCID-v3r8-sy2r-gfcw

summary A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9577.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9577.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9577

reference_id

reference_type

scores

value	0.06999
scoring_system	epss
scoring_elements	0.91615
published_at	2026-06-04T12:55:00Z

value	0.06999
scoring_system	epss
scoring_elements	0.91628
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9577

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9577
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9577

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9578
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9578

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	10
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1401603
reference_id	1401603
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1401603

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854336
reference_id	854336
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854336

reference_url	https://access.redhat.com/errata/RHSA-2017:0253
reference_id	RHSA-2017:0253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0253

reference_url	https://access.redhat.com/errata/RHSA-2017:0254
reference_id	RHSA-2017:0254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0254

reference_url	https://access.redhat.com/errata/RHSA-2017:0549
reference_id	RHSA-2017:0549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0549

reference_url	https://access.redhat.com/errata/RHSA-2017:0552
reference_id	RHSA-2017:0552
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0552

reference_url	https://usn.ubuntu.com/3202-1/
reference_id	USN-3202-1
reference_type
scores
url	https://usn.ubuntu.com/3202-1/

fixed_packages

url	pkg:apk/alpine/spice@0.12.8-r3?arch=armv7&distroversion=v3.9&reponame=main
purl	pkg:apk/alpine/spice@0.12.8-r3?arch=armv7&distroversion=v3.9&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/spice@0.12.8-r3%3Farch=armv7&distroversion=v3.9&reponame=main

aliases CVE-2016-9577

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3r8-sy2r-gfcw

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/spice@0.12.8-r3%3Farch=armv7&distroversion=v3.9&reponame=main

Package Instance