Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/bind@9.20.18-r0?arch=s390x&distroversion=v3.23&reponame=main

Type apk

Namespace alpine

Name bind

Version 9.20.18-r0

Qualifiers

arch	s390x
distroversion	v3.23
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 9.20.21-r0

Latest_non_vulnerable_version 9.20.23-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-rf88-5q4d-h3am

vulnerability_id VCID-rf88-5q4d-h3am

summary Malformed BRID/HHIT records can cause `named` to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13878.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13878.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-13878

reference_id

reference_type

scores

value	0.00047
scoring_system	epss
scoring_elements	0.1499
published_at	2026-06-09T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.15097
published_at	2026-06-05T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.15088
published_at	2026-06-06T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.15048
published_at	2026-06-07T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14965
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-13878

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2431600
reference_id	2431600
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2431600

reference_url

https://downloads.isc.org/isc/bind9/9.18.44

reference_id

9.18.44

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:57:50Z/

url

https://downloads.isc.org/isc/bind9/9.18.44

reference_url

https://downloads.isc.org/isc/bind9/9.20.18

reference_id

9.20.18

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:57:50Z/

url

https://downloads.isc.org/isc/bind9/9.20.18

reference_url

https://downloads.isc.org/isc/bind9/9.21.17

reference_id

9.21.17

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:57:50Z/

url

https://downloads.isc.org/isc/bind9/9.21.17

reference_url

https://kb.isc.org/docs/cve-2025-13878

reference_id

cve-2025-13878

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:57:50Z/

url

https://kb.isc.org/docs/cve-2025-13878

reference_url	https://access.redhat.com/errata/RHSA-2026:6935
reference_id	RHSA-2026:6935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6935

fixed_packages

url	pkg:apk/alpine/bind@9.20.18-r0?arch=s390x&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/bind@9.20.18-r0?arch=s390x&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.20.18-r0%3Farch=s390x&distroversion=v3.23&reponame=main

aliases CVE-2025-13878

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rf88-5q4d-h3am

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.20.18-r0%3Farch=s390x&distroversion=v3.23&reponame=main

Package Instance