Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/bind@9.18.19-r0?arch=x86_64&distroversion=v3.22&reponame=main
Typeapk
Namespacealpine
Namebind
Version9.18.19-r0
Qualifiers
arch x86_64
distroversion v3.22
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version9.18.24-r0
Latest_non_vulnerable_version9.20.23-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-u4gb-737x-pych
vulnerability_id VCID-u4gb-737x-pych
summary A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18 and 9.18.11-S1 through 9.18.18-S1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4236.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4236.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4236
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.38991
published_at 2026-06-05T12:55:00Z
1
value 0.00177
scoring_system epss
scoring_elements 0.38995
published_at 2026-06-06T12:55:00Z
2
value 0.00177
scoring_system epss
scoring_elements 0.38967
published_at 2026-06-07T12:55:00Z
3
value 0.00177
scoring_system epss
scoring_elements 0.3894
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4236
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052417
reference_id 1052417
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052417
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2239661
reference_id 2239661
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2239661
5
reference_url https://usn.ubuntu.com/6390-1/
reference_id USN-6390-1
reference_type
scores
url https://usn.ubuntu.com/6390-1/
fixed_packages
0
url pkg:apk/alpine/bind@9.18.19-r0?arch=x86_64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/bind@9.18.19-r0?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.18.19-r0%3Farch=x86_64&distroversion=v3.22&reponame=main
aliases CVE-2023-4236
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u4gb-737x-pych
1
url VCID-v1sf-68f6-7ydu
vulnerability_id VCID-v1sf-68f6-7ydu
summary The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3341.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3341.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3341
reference_id
reference_type
scores
0
value 0.00227
scoring_system epss
scoring_elements 0.45536
published_at 2026-06-08T12:55:00Z
1
value 0.00227
scoring_system epss
scoring_elements 0.45561
published_at 2026-06-07T12:55:00Z
2
value 0.00247
scoring_system epss
scoring_elements 0.48171
published_at 2026-06-05T12:55:00Z
3
value 0.00247
scoring_system epss
scoring_elements 0.48174
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3341
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3341
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3341
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052416
reference_id 1052416
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052416
5
reference_url http://www.openwall.com/lists/oss-security/2023/09/20/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/
url http://www.openwall.com/lists/oss-security/2023/09/20/2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2239621
reference_id 2239621
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2239621
7
reference_url https://kb.isc.org/docs/cve-2023-3341
reference_id cve-2023-3341
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/
url https://kb.isc.org/docs/cve-2023-3341
8
reference_url https://www.debian.org/security/2023/dsa-5504
reference_id dsa-5504
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/
url https://www.debian.org/security/2023/dsa-5504
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPJLLTJCSDJJII7IIZPLTBQNWP7MZH7F/
reference_id IPJLLTJCSDJJII7IIZPLTBQNWP7MZH7F
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPJLLTJCSDJJII7IIZPLTBQNWP7MZH7F/
10
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00021.html
reference_id msg00021.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/
url https://lists.debian.org/debian-lts-announce/2024/01/msg00021.html
11
reference_url https://security.netapp.com/advisory/ntap-20231013-0003/
reference_id ntap-20231013-0003
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/
url https://security.netapp.com/advisory/ntap-20231013-0003/
12
reference_url https://access.redhat.com/errata/RHSA-2023:5460
reference_id RHSA-2023:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5460
13
reference_url https://access.redhat.com/errata/RHSA-2023:5473
reference_id RHSA-2023:5473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5473
14
reference_url https://access.redhat.com/errata/RHSA-2023:5474
reference_id RHSA-2023:5474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5474
15
reference_url https://access.redhat.com/errata/RHSA-2023:5526
reference_id RHSA-2023:5526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5526
16
reference_url https://access.redhat.com/errata/RHSA-2023:5527
reference_id RHSA-2023:5527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5527
17
reference_url https://access.redhat.com/errata/RHSA-2023:5529
reference_id RHSA-2023:5529
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5529
18
reference_url https://access.redhat.com/errata/RHSA-2023:5689
reference_id RHSA-2023:5689
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5689
19
reference_url https://access.redhat.com/errata/RHSA-2023:5690
reference_id RHSA-2023:5690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5690
20
reference_url https://access.redhat.com/errata/RHSA-2023:5691
reference_id RHSA-2023:5691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5691
21
reference_url https://access.redhat.com/errata/RHSA-2023:5771
reference_id RHSA-2023:5771
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5771
22
reference_url https://access.redhat.com/errata/RHSA-2025:0039
reference_id RHSA-2025:0039
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0039
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U35OARLQCPMVCBBPHWBXY5M6XJLD2TZ5/
reference_id U35OARLQCPMVCBBPHWBXY5M6XJLD2TZ5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U35OARLQCPMVCBBPHWBXY5M6XJLD2TZ5/
24
reference_url https://usn.ubuntu.com/6390-1/
reference_id USN-6390-1
reference_type
scores
url https://usn.ubuntu.com/6390-1/
25
reference_url https://usn.ubuntu.com/6421-1/
reference_id USN-6421-1
reference_type
scores
url https://usn.ubuntu.com/6421-1/
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSK5V4W4OHPM3JTJGWAQD6CZW7SFD75B/
reference_id VSK5V4W4OHPM3JTJGWAQD6CZW7SFD75B
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSK5V4W4OHPM3JTJGWAQD6CZW7SFD75B/
fixed_packages
0
url pkg:apk/alpine/bind@9.18.19-r0?arch=x86_64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/bind@9.18.19-r0?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.18.19-r0%3Farch=x86_64&distroversion=v3.22&reponame=main
aliases CVE-2023-3341
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v1sf-68f6-7ydu
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.18.19-r0%3Farch=x86_64&distroversion=v3.22&reponame=main