Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/gst-plugins-bad@1.26.3-r0?arch=aarch64&distroversion=v3.23&reponame=community
Type apk
Namespace alpine
Name gst-plugins-bad
Version 1.26.3-r0
Qualifiers
arch aarch64
distroversion v3.23
reponame community
Subpath
Is_vulnerable false
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4vpj-knhb-j3fj
vulnerability_id VCID-4vpj-knhb-j3fj
summary GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of H266 sei messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27381.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6663.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6663.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6663
reference_id
reference_type
scores
0
value 0.00159
scoring_system epss
scoring_elements 0.36521
published_at 2026-06-09T12:55:00Z
1
value 0.00159
scoring_system epss
scoring_elements 0.36576
published_at 2026-06-05T12:55:00Z
2
value 0.00159
scoring_system epss
scoring_elements 0.36585
published_at 2026-06-06T12:55:00Z
3
value 0.00159
scoring_system epss
scoring_elements 0.36548
published_at 2026-06-07T12:55:00Z
4
value 0.00159
scoring_system epss
scoring_elements 0.36511
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6663
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108973
reference_id 1108973
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108973
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376845
reference_id 2376845
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376845
4
reference_url https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/eedd01ac3dfeb60e36a44bb61a6d0418454e8416
reference_id eedd01ac3dfeb60e36a44bb61a6d0418454e8416
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-07T15:11:33Z/
url https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/eedd01ac3dfeb60e36a44bb61a6d0418454e8416
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-467/
reference_id ZDI-25-467
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-07T15:11:33Z/
url https://www.zerodayinitiative.com/advisories/ZDI-25-467/
fixed_packages
0
url pkg:apk/alpine/gst-plugins-bad@1.26.3-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/gst-plugins-bad@1.26.3-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/gst-plugins-bad@1.26.3-r0%3Farch=aarch64&distroversion=v3.23&reponame=community
aliases CVE-2025-6663
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4vpj-knhb-j3fj
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/gst-plugins-bad@1.26.3-r0%3Farch=aarch64&distroversion=v3.23&reponame=community