Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/cifs-utils@0?arch=x86_64&distroversion=v3.15&reponame=main
Typeapk
Namespacealpine
Namecifs-utils
Version0
Qualifiers
arch x86_64
distroversion v3.15
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.13-r0
Latest_non_vulnerable_version6.13-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-rf5a-6rvr-f7a9
vulnerability_id VCID-rf5a-6rvr-f7a9
summary It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14342.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14342.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14342
reference_id
reference_type
scores
0
value 0.00134
scoring_system epss
scoring_elements 0.32949
published_at 2026-06-04T12:55:00Z
1
value 0.00134
scoring_system epss
scoring_elements 0.33054
published_at 2026-06-05T12:55:00Z
2
value 0.00134
scoring_system epss
scoring_elements 0.33067
published_at 2026-06-06T12:55:00Z
3
value 0.00134
scoring_system epss
scoring_elements 0.3303
published_at 2026-06-07T12:55:00Z
4
value 0.00134
scoring_system epss
scoring_elements 0.32998
published_at 2026-06-08T12:55:00Z
5
value 0.00134
scoring_system epss
scoring_elements 0.33018
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14342
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14342
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14342
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860884
reference_id 1860884
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860884
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970172
reference_id 970172
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970172
6
reference_url https://security.gentoo.org/glsa/202009-16
reference_id GLSA-202009-16
reference_type
scores
url https://security.gentoo.org/glsa/202009-16
7
reference_url https://usn.ubuntu.com/5459-1/
reference_id USN-5459-1
reference_type
scores
url https://usn.ubuntu.com/5459-1/
8
reference_url https://usn.ubuntu.com/7688-1/
reference_id USN-7688-1
reference_type
scores
url https://usn.ubuntu.com/7688-1/
fixed_packages
0
url pkg:apk/alpine/cifs-utils@0?arch=x86_64&distroversion=v3.15&reponame=main
purl pkg:apk/alpine/cifs-utils@0?arch=x86_64&distroversion=v3.15&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cifs-utils@0%3Farch=x86_64&distroversion=v3.15&reponame=main
aliases actually, affected,, applicable), CVE-2020-14342, (not, (Not, requires, --with-systemd)
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rf5a-6rvr-f7a9
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/cifs-utils@0%3Farch=x86_64&distroversion=v3.15&reponame=main