Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/kotlin@1.3.31%2Bds1-3?distro=trixie

Type deb

Namespace debian

Name kotlin

Version 1.3.31+ds1-3

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1ht6-adqj-vye7

vulnerability_id VCID-1ht6-adqj-vye7

summary Improper Locking in JetBrains Kotlin

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24329.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24329.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24329

reference_id

reference_type

scores

value	3e-05
scoring_system	epss
scoring_elements	0.0007
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24329

reference_url

https://blog.jetbrains.com

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://blog.jetbrains.com

reference_url

https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021

reference_url

https://github.com/JetBrains/kotlin

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/JetBrains/kotlin

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2074230
reference_id	2074230
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2074230

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-24329

reference_id

CVE-2022-24329

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-24329

reference_url

https://github.com/advisories/GHSA-2qp4-g3q3-f92w

reference_id

GHSA-2qp4-g3q3-f92w

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-2qp4-g3q3-f92w

fixed_packages

url	pkg:deb/debian/kotlin@0?distro=trixie
purl	pkg:deb/debian/kotlin@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@0%3Fdistro=trixie

url pkg:deb/debian/kotlin@1.3.31%2Bds1-1?distro=trixie

purl pkg:deb/debian/kotlin@1.3.31%2Bds1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hcnk-qn4e-myb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@1.3.31%252Bds1-1%3Fdistro=trixie

url	pkg:deb/debian/kotlin@1.3.31%2Bds1-3?distro=trixie
purl	pkg:deb/debian/kotlin@1.3.31%2Bds1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@1.3.31%252Bds1-3%3Fdistro=trixie

aliases CVE-2022-24329, GHSA-2qp4-g3q3-f92w

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ht6-adqj-vye7

url VCID-81rs-ubpc-1qeb

vulnerability_id VCID-81rs-ubpc-1qeb

summary JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10101

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01614
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10101

fixed_packages

url	pkg:deb/debian/kotlin@0?distro=trixie
purl	pkg:deb/debian/kotlin@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@0%3Fdistro=trixie

url pkg:deb/debian/kotlin@1.3.31%2Bds1-1?distro=trixie

purl pkg:deb/debian/kotlin@1.3.31%2Bds1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hcnk-qn4e-myb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@1.3.31%252Bds1-1%3Fdistro=trixie

url	pkg:deb/debian/kotlin@1.3.31%2Bds1-3?distro=trixie
purl	pkg:deb/debian/kotlin@1.3.31%2Bds1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@1.3.31%252Bds1-3%3Fdistro=trixie

aliases CVE-2019-10101

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81rs-ubpc-1qeb

url VCID-hcnk-qn4e-myb9

vulnerability_id VCID-hcnk-qn4e-myb9

summary Incorrect Default Permissions in JetBrains Kotlin

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29582.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29582.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-29582

reference_id

reference_type

scores

value	4e-05
scoring_system	epss
scoring_elements	0.00164
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-29582

reference_url

https://blog.jetbrains.com

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://blog.jetbrains.com

reference_url

https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020

reference_url	https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/
reference_id
reference_type
scores
url	https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/

reference_url

https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001037
reference_id	1001037
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001037

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1930291
reference_id	1930291
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1930291

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-29582

reference_id

CVE-2020-29582

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-29582

reference_url

https://github.com/advisories/GHSA-cqj8-47ch-rvvq

reference_id

GHSA-cqj8-47ch-rvvq

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cqj8-47ch-rvvq

reference_url	https://access.redhat.com/errata/RHSA-2021:3205
reference_id	RHSA-2021:3205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3205

reference_url	https://access.redhat.com/errata/RHSA-2021:3207
reference_id	RHSA-2021:3207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3207

reference_url	https://access.redhat.com/errata/RHSA-2022:5532
reference_id	RHSA-2022:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5532

fixed_packages

url	pkg:deb/debian/kotlin@1.3.31%2Bds1-3?distro=trixie
purl	pkg:deb/debian/kotlin@1.3.31%2Bds1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@1.3.31%252Bds1-3%3Fdistro=trixie

aliases CVE-2020-29582, GHSA-cqj8-47ch-rvvq

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hcnk-qn4e-myb9

url VCID-xh2t-yx4k-mket

vulnerability_id VCID-xh2t-yx4k-mket

summary In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15824.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15824.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-15824

reference_id

reference_type

scores

value	0.00022
scoring_system	epss
scoring_elements	0.06485
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15824

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1930297
reference_id	1930297
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1930297

fixed_packages

url	pkg:deb/debian/kotlin@0?distro=trixie
purl	pkg:deb/debian/kotlin@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@0%3Fdistro=trixie

url pkg:deb/debian/kotlin@1.3.31%2Bds1-1?distro=trixie

purl pkg:deb/debian/kotlin@1.3.31%2Bds1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hcnk-qn4e-myb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@1.3.31%252Bds1-1%3Fdistro=trixie

url	pkg:deb/debian/kotlin@1.3.31%2Bds1-3?distro=trixie
purl	pkg:deb/debian/kotlin@1.3.31%2Bds1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@1.3.31%252Bds1-3%3Fdistro=trixie

aliases CVE-2020-15824

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xh2t-yx4k-mket

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kotlin@1.3.31%252Bds1-3%3Fdistro=trixie

Package Instance