Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/curl@8.5.0-r0?arch=s390x&distroversion=v3.21&reponame=main
Typeapk
Namespacealpine
Namecurl
Version8.5.0-r0
Qualifiers
arch s390x
distroversion v3.21
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version8.6.0-r0
Latest_non_vulnerable_version8.14.1-r2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-85qb-zec7-subc
vulnerability_id VCID-85qb-zec7-subc
summary When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46219.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46219.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46219
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.3365
published_at 2026-06-09T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.33683
published_at 2026-06-05T12:55:00Z
2
value 0.00139
scoring_system epss
scoring_elements 0.33697
published_at 2026-06-06T12:55:00Z
3
value 0.00139
scoring_system epss
scoring_elements 0.33663
published_at 2026-06-07T12:55:00Z
4
value 0.00139
scoring_system epss
scoring_elements 0.33628
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46219
2
reference_url https://curl.se/docs/CVE-2023-46219.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Low
scoring_system cvssv3.1
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/
url https://curl.se/docs/CVE-2023-46219.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46219
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://hackerone.com/reports/2236133
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/
url https://hackerone.com/reports/2236133
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057645
reference_id 1057645
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057645
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2252034
reference_id 2252034
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2252034
8
reference_url https://www.debian.org/security/2023/dsa-5587
reference_id dsa-5587
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/
url https://www.debian.org/security/2023/dsa-5587
9
reference_url https://security.gentoo.org/glsa/202409-20
reference_id GLSA-202409-20
reference_type
scores
url https://security.gentoo.org/glsa/202409-20
10
reference_url https://security.netapp.com/advisory/ntap-20240119-0007/
reference_id ntap-20240119-0007
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/
url https://security.netapp.com/advisory/ntap-20240119-0007/
11
reference_url https://access.redhat.com/errata/RHSA-2024:1316
reference_id RHSA-2024:1316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1316
12
reference_url https://access.redhat.com/errata/RHSA-2024:1317
reference_id RHSA-2024:1317
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1317
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/
reference_id UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/
14
reference_url https://usn.ubuntu.com/6535-1/
reference_id USN-6535-1
reference_type
scores
url https://usn.ubuntu.com/6535-1/
fixed_packages
0
url pkg:apk/alpine/curl@8.5.0-r0?arch=s390x&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/curl@8.5.0-r0?arch=s390x&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.5.0-r0%3Farch=s390x&distroversion=v3.21&reponame=main
aliases CVE-2023-46219
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-85qb-zec7-subc
1
url VCID-wmam-qmmg-6uay
vulnerability_id VCID-wmam-qmmg-6uay
summary This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46218
reference_id
reference_type
scores
0
value 0.00213
scoring_system epss
scoring_elements 0.43867
published_at 2026-06-09T12:55:00Z
1
value 0.00219
scoring_system epss
scoring_elements 0.44579
published_at 2026-06-07T12:55:00Z
2
value 0.00219
scoring_system epss
scoring_elements 0.44601
published_at 2026-06-06T12:55:00Z
3
value 0.00219
scoring_system epss
scoring_elements 0.44545
published_at 2026-06-08T12:55:00Z
4
value 0.00219
scoring_system epss
scoring_elements 0.44593
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46218
2
reference_url https://curl.se/docs/CVE-2023-46218.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Medium
scoring_system cvssv3.1
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/
url https://curl.se/docs/CVE-2023-46218.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://hackerone.com/reports/2212193
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/
url https://hackerone.com/reports/2212193
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646
reference_id 1057646
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2252030
reference_id 2252030
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2252030
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/
reference_id 3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/
9
reference_url https://www.debian.org/security/2023/dsa-5587
reference_id dsa-5587
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/
url https://www.debian.org/security/2023/dsa-5587
10
reference_url https://security.gentoo.org/glsa/202409-20
reference_id GLSA-202409-20
reference_type
scores
url https://security.gentoo.org/glsa/202409-20
11
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html
reference_id msg00015.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/
url https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html
12
reference_url https://security.netapp.com/advisory/ntap-20240125-0007/
reference_id ntap-20240125-0007
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/
url https://security.netapp.com/advisory/ntap-20240125-0007/
13
reference_url https://access.redhat.com/errata/RHSA-2024:0428
reference_id RHSA-2024:0428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0428
14
reference_url https://access.redhat.com/errata/RHSA-2024:0434
reference_id RHSA-2024:0434
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0434
15
reference_url https://access.redhat.com/errata/RHSA-2024:0452
reference_id RHSA-2024:0452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0452
16
reference_url https://access.redhat.com/errata/RHSA-2024:0585
reference_id RHSA-2024:0585
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0585
17
reference_url https://access.redhat.com/errata/RHSA-2024:1129
reference_id RHSA-2024:1129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1129
18
reference_url https://access.redhat.com/errata/RHSA-2024:1316
reference_id RHSA-2024:1316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1316
19
reference_url https://access.redhat.com/errata/RHSA-2024:1317
reference_id RHSA-2024:1317
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1317
20
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
21
reference_url https://access.redhat.com/errata/RHSA-2024:1601
reference_id RHSA-2024:1601
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1601
22
reference_url https://access.redhat.com/errata/RHSA-2024:2092
reference_id RHSA-2024:2092
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2092
23
reference_url https://access.redhat.com/errata/RHSA-2024:2093
reference_id RHSA-2024:2093
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2093
24
reference_url https://access.redhat.com/errata/RHSA-2024:2094
reference_id RHSA-2024:2094
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2094
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/
reference_id UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/
26
reference_url https://usn.ubuntu.com/6535-1/
reference_id USN-6535-1
reference_type
scores
url https://usn.ubuntu.com/6535-1/
27
reference_url https://usn.ubuntu.com/6641-1/
reference_id USN-6641-1
reference_type
scores
url https://usn.ubuntu.com/6641-1/
fixed_packages
0
url pkg:apk/alpine/curl@8.5.0-r0?arch=s390x&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/curl@8.5.0-r0?arch=s390x&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.5.0-r0%3Farch=s390x&distroversion=v3.21&reponame=main
aliases CVE-2023-46218
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wmam-qmmg-6uay
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.5.0-r0%3Farch=s390x&distroversion=v3.21&reponame=main