Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/krb5@1.2.7-3?distro=trixie

Type deb

Namespace debian

Name krb5

Version 1.2.7-3

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.3-1

Latest_non_vulnerable_version 1.22.1-2.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-e5n1-g4p8-g7ec

vulnerability_id VCID-e5n1-g4p8-g7ec

summary Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0138.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0138.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2003-0138

reference_id

reference_type

scores

value	0.05644
scoring_system	epss
scoring_elements	0.90561
published_at	2026-06-11T12:55:00Z

value	0.05644
scoring_system	epss
scoring_elements	0.90591
published_at	2026-06-12T12:55:00Z

value	0.05644
scoring_system	epss
scoring_elements	0.90598
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2003-0138

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0138
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0138

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1616981
reference_id	1616981
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1616981

reference_url	https://access.redhat.com/errata/RHSA-2003:051
reference_id	RHSA-2003:051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:051

reference_url	https://access.redhat.com/errata/RHSA-2003:052
reference_id	RHSA-2003:052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:052

reference_url	https://access.redhat.com/errata/RHSA-2003:091
reference_id	RHSA-2003:091
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:091

reference_url	https://access.redhat.com/errata/RHSA-2003:168
reference_id	RHSA-2003:168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:168

fixed_packages

url	pkg:deb/debian/krb5@1.2.7-3?distro=trixie
purl	pkg:deb/debian/krb5@1.2.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.2.7-3%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5?distro=trixie
purl	pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.21.3-5?distro=trixie
purl	pkg:deb/debian/krb5@1.21.3-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.21.3-5%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.22.1-2.1?distro=trixie
purl	pkg:deb/debian/krb5@1.22.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.22.1-2.1%3Fdistro=trixie

aliases CVE-2003-0138

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e5n1-g4p8-g7ec

url VCID-mrrw-3rta-rffu

vulnerability_id VCID-mrrw-3rta-rffu

summary Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ticket splicing."

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0139.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0139.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2003-0139

reference_id

reference_type

scores

value	0.04948
scoring_system	epss
scoring_elements	0.89878
published_at	2026-06-11T12:55:00Z

value	0.04948
scoring_system	epss
scoring_elements	0.89911
published_at	2026-06-12T12:55:00Z

value	0.04948
scoring_system	epss
scoring_elements	0.89919
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2003-0139

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0139
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0139

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1616982
reference_id	1616982
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1616982

reference_url	https://access.redhat.com/errata/RHSA-2003:051
reference_id	RHSA-2003:051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:051

reference_url	https://access.redhat.com/errata/RHSA-2003:052
reference_id	RHSA-2003:052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:052

reference_url	https://access.redhat.com/errata/RHSA-2003:091
reference_id	RHSA-2003:091
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:091

reference_url	https://access.redhat.com/errata/RHSA-2003:168
reference_id	RHSA-2003:168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:168

fixed_packages

url	pkg:deb/debian/krb5@1.2.7-3?distro=trixie
purl	pkg:deb/debian/krb5@1.2.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.2.7-3%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5?distro=trixie
purl	pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.21.3-5?distro=trixie
purl	pkg:deb/debian/krb5@1.21.3-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.21.3-5%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.22.1-2.1?distro=trixie
purl	pkg:deb/debian/krb5@1.22.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.22.1-2.1%3Fdistro=trixie

aliases CVE-2003-0139

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mrrw-3rta-rffu

url VCID-ytwy-gfmk-f3a6

vulnerability_id VCID-ytwy-gfmk-f3a6

summary The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun").

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0072.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0072.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2003-0072

reference_id

reference_type

scores

value	0.01252
scoring_system	epss
scoring_elements	0.79751
published_at	2026-06-11T12:55:00Z

value	0.01252
scoring_system	epss
scoring_elements	0.79816
published_at	2026-06-12T12:55:00Z

value	0.01252
scoring_system	epss
scoring_elements	0.79833
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2003-0072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0072

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1616953
reference_id	1616953
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1616953

reference_url	https://access.redhat.com/errata/RHSA-2003:051
reference_id	RHSA-2003:051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:051

reference_url	https://access.redhat.com/errata/RHSA-2003:052
reference_id	RHSA-2003:052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:052

reference_url	https://access.redhat.com/errata/RHSA-2003:168
reference_id	RHSA-2003:168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:168

fixed_packages

url	pkg:deb/debian/krb5@1.2.7-3?distro=trixie
purl	pkg:deb/debian/krb5@1.2.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.2.7-3%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5?distro=trixie
purl	pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.21.3-5?distro=trixie
purl	pkg:deb/debian/krb5@1.21.3-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.21.3-5%3Fdistro=trixie

url	pkg:deb/debian/krb5@1.22.1-2.1?distro=trixie
purl	pkg:deb/debian/krb5@1.22.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.22.1-2.1%3Fdistro=trixie

aliases CVE-2003-0072

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ytwy-gfmk-f3a6

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.2.7-3%3Fdistro=trixie

Package Instance