Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/dmidecode@3.3-2
Typedeb
Namespacedebian
Namedmidecode
Version3.3-2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.6-2
Latest_non_vulnerable_version3.6-2
Affected_by_vulnerabilities
0
url VCID-wz4t-vyet-rfet
vulnerability_id VCID-wz4t-vyet-rfet
summary Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30630.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30630.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30630
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.14919
published_at 2026-06-09T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.15028
published_at 2026-06-05T12:55:00Z
2
value 0.00047
scoring_system epss
scoring_elements 0.15016
published_at 2026-06-06T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.14975
published_at 2026-06-07T12:55:00Z
4
value 0.00047
scoring_system epss
scoring_elements 0.14893
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30630
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30630
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034483
reference_id 1034483
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034483
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2186669
reference_id 2186669
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2186669
6
reference_url https://github.com/adamreiser/dmiwrite
reference_id dmiwrite
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T16:21:53Z/
url https://github.com/adamreiser/dmiwrite
7
reference_url https://security.gentoo.org/glsa/202407-26
reference_id GLSA-202407-26
reference_type
scores
url https://security.gentoo.org/glsa/202407-26
8
reference_url https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=6ca381c1247c81f74e1ca4e7706f70bdda72e6f2
reference_id ?id=6ca381c1247c81f74e1ca4e7706f70bdda72e6f2
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T16:21:53Z/
url https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=6ca381c1247c81f74e1ca4e7706f70bdda72e6f2
9
reference_url https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=d8cfbc808f387e87091c25e7d5b8c2bb348bb206
reference_id ?id=d8cfbc808f387e87091c25e7d5b8c2bb348bb206
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T16:21:53Z/
url https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=d8cfbc808f387e87091c25e7d5b8c2bb348bb206
10
reference_url https://lists.nongnu.org/archive/html/dmidecode-devel/2023-03/msg00003.html
reference_id msg00003.html
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T16:21:53Z/
url https://lists.nongnu.org/archive/html/dmidecode-devel/2023-03/msg00003.html
11
reference_url https://access.redhat.com/errata/RHSA-2023:5061
reference_id RHSA-2023:5061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5061
12
reference_url https://access.redhat.com/errata/RHSA-2023:5252
reference_id RHSA-2023:5252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5252
fixed_packages
0
url pkg:deb/debian/dmidecode@3.6-2
purl pkg:deb/debian/dmidecode@3.6-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dmidecode@3.6-2
aliases CVE-2023-30630
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wz4t-vyet-rfet
Fixing_vulnerabilities
Risk_score3.2
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/dmidecode@3.3-2