Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:ebuild/app-crypt/gnupg@1.4.6
Typeebuild
Namespaceapp-crypt
Namegnupg
Version1.4.6
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.4.21
Latest_non_vulnerable_version2.4.4
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3h7c-hper-cuez
vulnerability_id VCID-3h7c-hper-cuez
summary A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6235.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6235.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6235
reference_id
reference_type
scores
0
value 0.08898
scoring_system epss
scoring_elements 0.92712
published_at 2026-06-04T12:55:00Z
1
value 0.08898
scoring_system epss
scoring_elements 0.92724
published_at 2026-06-05T12:55:00Z
2
value 0.08898
scoring_system epss
scoring_elements 0.9272
published_at 2026-06-06T12:55:00Z
3
value 0.08898
scoring_system epss
scoring_elements 0.92715
published_at 2026-06-07T12:55:00Z
4
value 0.08898
scoring_system epss
scoring_elements 0.92713
published_at 2026-06-08T12:55:00Z
5
value 0.08898
scoring_system epss
scoring_elements 0.9273
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6235
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618242
reference_id 1618242
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618242
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=401895
reference_id 401895
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=401895
5
reference_url https://security.gentoo.org/glsa/200612-03
reference_id GLSA-200612-03
reference_type
scores
url https://security.gentoo.org/glsa/200612-03
6
reference_url https://access.redhat.com/errata/RHSA-2006:0754
reference_id RHSA-2006:0754
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0754
7
reference_url https://usn.ubuntu.com/393-1/
reference_id USN-393-1
reference_type
scores
url https://usn.ubuntu.com/393-1/
8
reference_url https://usn.ubuntu.com/393-2/
reference_id USN-393-2
reference_type
scores
url https://usn.ubuntu.com/393-2/
fixed_packages
0
url pkg:ebuild/app-crypt/gnupg@1.4.6
purl pkg:ebuild/app-crypt/gnupg@1.4.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-crypt/gnupg@1.4.6
aliases CVE-2006-6235
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3h7c-hper-cuez
1
url VCID-epuz-6fw1-h7gq
vulnerability_id VCID-epuz-6fw1-h7gq
summary Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6169.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6169.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6169
reference_id
reference_type
scores
0
value 0.02645
scoring_system epss
scoring_elements 0.86012
published_at 2026-06-04T12:55:00Z
1
value 0.02645
scoring_system epss
scoring_elements 0.86033
published_at 2026-06-05T12:55:00Z
2
value 0.02645
scoring_system epss
scoring_elements 0.86036
published_at 2026-06-06T12:55:00Z
3
value 0.02645
scoring_system epss
scoring_elements 0.86032
published_at 2026-06-07T12:55:00Z
4
value 0.02645
scoring_system epss
scoring_elements 0.8602
published_at 2026-06-08T12:55:00Z
5
value 0.02645
scoring_system epss
scoring_elements 0.86034
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6169
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6169
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=217950
reference_id 217950
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=217950
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400777
reference_id 400777
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400777
5
reference_url https://security.gentoo.org/glsa/200612-03
reference_id GLSA-200612-03
reference_type
scores
url https://security.gentoo.org/glsa/200612-03
6
reference_url https://access.redhat.com/errata/RHSA-2006:0754
reference_id RHSA-2006:0754
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0754
7
reference_url https://usn.ubuntu.com/393-2/
reference_id USN-393-2
reference_type
scores
url https://usn.ubuntu.com/393-2/
fixed_packages
0
url pkg:ebuild/app-crypt/gnupg@1.4.6
purl pkg:ebuild/app-crypt/gnupg@1.4.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-crypt/gnupg@1.4.6
aliases CVE-2006-6169
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-epuz-6fw1-h7gq
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:ebuild/app-crypt/gnupg@1.4.6