Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/varnish@7.7.2-r0?arch=x86&distroversion=edge&reponame=main
Typeapk
Namespacealpine
Namevarnish
Version7.7.2-r0
Qualifiers
arch x86
distroversion edge
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-v38t-9zb6-suhf
vulnerability_id VCID-v38t-9zb6-suhf
summary A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the server to reset them—using malformed frames or flow control errors—an attacker can exploit incorrect stream accounting. Streams reset by the server are considered closed at the protocol level, even though backend processing continues. This allows a client to cause the server to handle an unbounded number of concurrent streams on a single connection. This CVE will be updated as affected product details are released.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8671.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8671.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-8671
reference_id
reference_type
scores
0
value 0.00928
scoring_system epss
scoring_elements 0.7649
published_at 2026-06-05T12:55:00Z
1
value 0.00928
scoring_system epss
scoring_elements 0.76475
published_at 2026-06-08T12:55:00Z
2
value 0.00928
scoring_system epss
scoring_elements 0.76485
published_at 2026-06-07T12:55:00Z
3
value 0.00928
scoring_system epss
scoring_elements 0.76496
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-8671
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8671
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8671
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2388222
reference_id 2388222
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2388222
5
reference_url https://www.fastlystatus.com/incident/377810
reference_id 377810
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:34:19Z/
url https://www.fastlystatus.com/incident/377810
6
reference_url https://github.com/h2o/h2o/commit/4729b661e3c6654198d2cc62997e1af58bef4b80
reference_id 4729b661e3c6654198d2cc62997e1af58bef4b80
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:34:19Z/
url https://github.com/h2o/h2o/commit/4729b661e3c6654198d2cc62997e1af58bef4b80
7
reference_url https://gitlab.isc.org/isc-projects/bind9/-/issues/5325
reference_id 5325
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:34:19Z/
url https://gitlab.isc.org/isc-projects/bind9/-/issues/5325
8
reference_url https://github.com/h2o/h2o/security/advisories/GHSA-mrjm-qq9m-9mjq
reference_id GHSA-mrjm-qq9m-9mjq
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:34:19Z/
url https://github.com/h2o/h2o/security/advisories/GHSA-mrjm-qq9m-9mjq
9
reference_url https://www.suse.com/support/kb/doc/?id=000021980
reference_id ?id=000021980
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:34:19Z/
url https://www.suse.com/support/kb/doc/?id=000021980
10
reference_url https://support2.windriver.com/index.php?page=security-notices
reference_id index.php?page=security-notices
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:34:19Z/
url https://support2.windriver.com/index.php?page=security-notices
11
reference_url https://galbarnahum.com/made-you-reset
reference_id made-you-reset
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:34:19Z/
url https://galbarnahum.com/made-you-reset
12
reference_url https://usn.ubuntu.com/8037-1/
reference_id USN-8037-1
reference_type
scores
url https://usn.ubuntu.com/8037-1/
13
reference_url https://varnish-cache.org/security/VSV00017.html
reference_id VSV00017.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:34:19Z/
url https://varnish-cache.org/security/VSV00017.html
fixed_packages
0
url pkg:apk/alpine/varnish@7.7.2-r0?arch=x86&distroversion=edge&reponame=main
purl pkg:apk/alpine/varnish@7.7.2-r0?arch=x86&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/varnish@7.7.2-r0%3Farch=x86&distroversion=edge&reponame=main
aliases CVE-2025-8671, VSV00017
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v38t-9zb6-suhf
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/varnish@7.7.2-r0%3Farch=x86&distroversion=edge&reponame=main