Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u1~bpo70%2B1

Type deb

Namespace debian

Name nginx

Version 1.6.2-5+deb8u1~bpo70+1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.14.2-2+deb10u4

Latest_non_vulnerable_version 1.14.2-2+deb10u4

Affected_by_vulnerabilities

url VCID-3mcc-5mw8-tfc9

vulnerability_id VCID-3mcc-5mw8-tfc9

summary information disclosure

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html

reference_url	https://nginx.org/download/patch.2017.ranges.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2017.ranges.txt

reference_url	https://nginx.org/download/patch.2017.ranges.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2017.ranges.txt.asc

reference_url	https://security.archlinux.org/ASA-201707-11
reference_id	ASA-201707-11
reference_type
scores
url	https://security.archlinux.org/ASA-201707-11

reference_url	https://security.archlinux.org/ASA-201707-12
reference_id	ASA-201707-12
reference_type
scores
url	https://security.archlinux.org/ASA-201707-12

reference_url

https://security.archlinux.org/AVG-345

reference_id

AVG-345

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-345

reference_url

https://security.archlinux.org/AVG-346

reference_id

AVG-346

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-346

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2017-7529
reference_id	CVE-2017-7529
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2017-7529

fixed_packages

url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5

purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mcc-5mw8-tfc9

vulnerability	VCID-6hfk-j9e8-7uf2

vulnerability	VCID-tdbz-96pr-z3az

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u5

url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4

purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mcc-5mw8-tfc9

vulnerability	VCID-tdbz-96pr-z3az

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4

url	pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl	pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4

aliases CVE-2017-7529

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3mcc-5mw8-tfc9

url VCID-6hfk-j9e8-7uf2

vulnerability_id VCID-6hfk-j9e8-7uf2

summary privilege escalation

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247

reference_url	https://security.archlinux.org/ASA-201701-23
reference_id	ASA-201701-23
reference_type
scores
url	https://security.archlinux.org/ASA-201701-23

reference_url	https://security.archlinux.org/ASA-201701-24
reference_id	ASA-201701-24
reference_type
scores
url	https://security.archlinux.org/ASA-201701-24

reference_url

https://security.archlinux.org/AVG-138

reference_id

AVG-138

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-138

reference_url

https://security.archlinux.org/AVG-139

reference_id

AVG-139

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-139

fixed_packages

url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5

purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mcc-5mw8-tfc9

vulnerability	VCID-6hfk-j9e8-7uf2

vulnerability	VCID-tdbz-96pr-z3az

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u5

url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2

purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mcc-5mw8-tfc9

vulnerability	VCID-tdbz-96pr-z3az

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2

aliases CVE-2016-1247

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6hfk-j9e8-7uf2

url VCID-tdbz-96pr-z3az

vulnerability_id VCID-tdbz-96pr-z3az

summary arbitrary code execution

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html

reference_url	https://nginx.org/download/patch.2021.resolver.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2021.resolver.txt

reference_url	https://nginx.org/download/patch.2021.resolver.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2021.resolver.txt.asc

reference_url	https://security.archlinux.org/ASA-202106-36
reference_id	ASA-202106-36
reference_type
scores
url	https://security.archlinux.org/ASA-202106-36

reference_url	https://security.archlinux.org/ASA-202106-48
reference_id	ASA-202106-48
reference_type
scores
url	https://security.archlinux.org/ASA-202106-48

reference_url

https://security.archlinux.org/AVG-1987

reference_id

AVG-1987

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1987

reference_url

https://security.archlinux.org/AVG-1988

reference_id

AVG-1988

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1988

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-23017
reference_id	CVE-2021-23017
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-23017

fixed_packages

url	pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl	pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4

aliases CVE-2021-23017

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tdbz-96pr-z3az

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u1~bpo70%252B1

Package Instance