Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/pdns-recursor@4.0.7-r0?arch=s390x&distroversion=v3.16&reponame=community
Typeapk
Namespacealpine
Namepdns-recursor
Version4.0.7-r0
Qualifiers
arch s390x
distroversion v3.16
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4.1.1-r0
Latest_non_vulnerable_version4.6.3-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6g9m-xqf1-nua1
vulnerability_id VCID-6g9m-xqf1-nua1
summary An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15090
reference_id
reference_type
scores
0
value 1e-05
scoring_system epss
scoring_elements 0.0002
published_at 2026-06-06T12:55:00Z
1
value 1e-05
scoring_system epss
scoring_elements 0.00021
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15090
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15090
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15090
2
reference_url https://security.archlinux.org/ASA-201711-31
reference_id ASA-201711-31
reference_type
scores
url https://security.archlinux.org/ASA-201711-31
3
reference_url https://security.archlinux.org/AVG-520
reference_id AVG-520
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-520
fixed_packages
0
url pkg:apk/alpine/pdns-recursor@4.0.7-r0?arch=s390x&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/pdns-recursor@4.0.7-r0?arch=s390x&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pdns-recursor@4.0.7-r0%3Farch=s390x&distroversion=v3.16&reponame=community
aliases CVE-2017-15090
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6g9m-xqf1-nua1
1
url VCID-8c6p-nczh-83ce
vulnerability_id VCID-8c6p-nczh-83ce
summary A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS queries was displayed without any escaping, allowing a remote attacker to inject HTML and Javascript code into the web interface, altering the content.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15092
reference_id
reference_type
scores
0
value 2e-05
scoring_system epss
scoring_elements 0.00026
published_at 2026-06-09T12:55:00Z
1
value 2e-05
scoring_system epss
scoring_elements 0.00027
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15092
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15092
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15092
2
reference_url https://security.archlinux.org/ASA-201711-31
reference_id ASA-201711-31
reference_type
scores
url https://security.archlinux.org/ASA-201711-31
3
reference_url https://security.archlinux.org/AVG-520
reference_id AVG-520
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-520
fixed_packages
0
url pkg:apk/alpine/pdns-recursor@4.0.7-r0?arch=s390x&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/pdns-recursor@4.0.7-r0?arch=s390x&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pdns-recursor@4.0.7-r0%3Farch=s390x&distroversion=v3.16&reponame=community
aliases CVE-2017-15092
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8c6p-nczh-83ce
2
url VCID-dmr2-qydm-d3dt
vulnerability_id VCID-dmr2-qydm-d3dt
summary An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate (default).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15094
reference_id
reference_type
scores
0
value 4e-05
scoring_system epss
scoring_elements 0.00199
published_at 2026-06-04T12:55:00Z
1
value 4e-05
scoring_system epss
scoring_elements 0.00198
published_at 2026-06-08T12:55:00Z
2
value 4e-05
scoring_system epss
scoring_elements 0.00197
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15094
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15094
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15094
2
reference_url https://security.archlinux.org/ASA-201711-31
reference_id ASA-201711-31
reference_type
scores
url https://security.archlinux.org/ASA-201711-31
3
reference_url https://security.archlinux.org/AVG-520
reference_id AVG-520
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-520
fixed_packages
0
url pkg:apk/alpine/pdns-recursor@4.0.7-r0?arch=s390x&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/pdns-recursor@4.0.7-r0?arch=s390x&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pdns-recursor@4.0.7-r0%3Farch=s390x&distroversion=v3.16&reponame=community
aliases CVE-2017-15094
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmr2-qydm-d3dt
3
url VCID-wxe6-kebx-6qbc
vulnerability_id VCID-wxe6-kebx-6qbc
summary When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to configure forward zones. It was discovered that the new netmask and IP addresses of forwarded zones were not sufficiently validated, allowing an authenticated user to inject new configuration directives into the Recursor's configuration.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15093
reference_id
reference_type
scores
0
value 4e-05
scoring_system epss
scoring_elements 0.00165
published_at 2026-06-07T12:55:00Z
1
value 4e-05
scoring_system epss
scoring_elements 0.00166
published_at 2026-06-05T12:55:00Z
2
value 4e-05
scoring_system epss
scoring_elements 0.00167
published_at 2026-06-06T12:55:00Z
3
value 4e-05
scoring_system epss
scoring_elements 0.00164
published_at 2026-06-08T12:55:00Z
4
value 4e-05
scoring_system epss
scoring_elements 0.00163
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15093
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15093
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15093
2
reference_url https://security.archlinux.org/ASA-201711-31
reference_id ASA-201711-31
reference_type
scores
url https://security.archlinux.org/ASA-201711-31
3
reference_url https://security.archlinux.org/AVG-520
reference_id AVG-520
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-520
fixed_packages
0
url pkg:apk/alpine/pdns-recursor@4.0.7-r0?arch=s390x&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/pdns-recursor@4.0.7-r0?arch=s390x&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pdns-recursor@4.0.7-r0%3Farch=s390x&distroversion=v3.16&reponame=community
aliases CVE-2017-15093
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wxe6-kebx-6qbc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/pdns-recursor@4.0.7-r0%3Farch=s390x&distroversion=v3.16&reponame=community