Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/devscripts@2.14.11~bpo70%2B1
Typedeb
Namespacedebian
Namedevscripts
Version2.14.11~bpo70+1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.19.5+deb10u1
Latest_non_vulnerable_version2.19.5+deb10u1
Affected_by_vulnerabilities
0
url VCID-1z79-jx8a-zkcm
vulnerability_id VCID-1z79-jx8a-zkcm
summary Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5705
reference_id
reference_type
scores
0
value 0.00829
scoring_system epss
scoring_elements 0.74881
published_at 2026-06-04T12:55:00Z
1
value 0.00829
scoring_system epss
scoring_elements 0.7491
published_at 2026-06-05T12:55:00Z
2
value 0.00829
scoring_system epss
scoring_elements 0.74915
published_at 2026-06-06T12:55:00Z
3
value 0.00829
scoring_system epss
scoring_elements 0.74907
published_at 2026-06-07T12:55:00Z
4
value 0.00829
scoring_system epss
scoring_elements 0.74892
published_at 2026-06-08T12:55:00Z
5
value 0.00829
scoring_system epss
scoring_elements 0.74918
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5705
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5705
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794365
reference_id 794365
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794365
fixed_packages
0
url pkg:deb/debian/devscripts@2.17.6~bpo8%2B1
purl pkg:deb/debian/devscripts@2.17.6~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mgfq-yh9z-tkg3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.17.6~bpo8%252B1
aliases CVE-2015-5705
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1z79-jx8a-zkcm
1
url VCID-cysk-j1yr-3qdv
vulnerability_id VCID-cysk-j1yr-3qdv
summary scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5704
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16426
published_at 2026-06-04T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.16508
published_at 2026-06-05T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.16504
published_at 2026-06-06T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.16463
published_at 2026-06-07T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.16382
published_at 2026-06-08T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.16398
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5704
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5704
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794260
reference_id 794260
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794260
fixed_packages
0
url pkg:deb/debian/devscripts@2.17.6~bpo8%2B1
purl pkg:deb/debian/devscripts@2.17.6~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mgfq-yh9z-tkg3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.17.6~bpo8%252B1
aliases CVE-2015-5704
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cysk-j1yr-3qdv
2
url VCID-mgfq-yh9z-tkg3
vulnerability_id VCID-mgfq-yh9z-tkg3
summary scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-13043
reference_id
reference_type
scores
0
value 0.01212
scoring_system epss
scoring_elements 0.79325
published_at 2026-06-04T12:55:00Z
1
value 0.01212
scoring_system epss
scoring_elements 0.79351
published_at 2026-06-05T12:55:00Z
2
value 0.01212
scoring_system epss
scoring_elements 0.79356
published_at 2026-06-06T12:55:00Z
3
value 0.01212
scoring_system epss
scoring_elements 0.79349
published_at 2026-06-07T12:55:00Z
4
value 0.01212
scoring_system epss
scoring_elements 0.79339
published_at 2026-06-08T12:55:00Z
5
value 0.01212
scoring_system epss
scoring_elements 0.79358
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-13043
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13043
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13043
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902409
reference_id 902409
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902409
3
reference_url https://usn.ubuntu.com/3704-1/
reference_id USN-3704-1
reference_type
scores
url https://usn.ubuntu.com/3704-1/
fixed_packages
0
url pkg:deb/debian/devscripts@2.19.5%2Bdeb10u1
purl pkg:deb/debian/devscripts@2.19.5%2Bdeb10u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.19.5%252Bdeb10u1
aliases CVE-2018-13043
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgfq-yh9z-tkg3
Fixing_vulnerabilities
0
url VCID-9p7y-4219-hqct
vulnerability_id VCID-9p7y-4219-hqct
summary Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-1833
reference_id
reference_type
scores
0
value 0.00647
scoring_system epss
scoring_elements 0.71214
published_at 2026-06-06T12:55:00Z
1
value 0.00647
scoring_system epss
scoring_elements 0.71207
published_at 2026-06-09T12:55:00Z
2
value 0.00647
scoring_system epss
scoring_elements 0.71208
published_at 2026-06-05T12:55:00Z
3
value 0.00647
scoring_system epss
scoring_elements 0.71164
published_at 2026-06-04T12:55:00Z
4
value 0.00647
scoring_system epss
scoring_elements 0.71197
published_at 2026-06-07T12:55:00Z
5
value 0.00647
scoring_system epss
scoring_elements 0.71182
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-1833
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1833
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737160
reference_id 737160
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737160
4
reference_url https://usn.ubuntu.com/2649-1/
reference_id USN-2649-1
reference_type
scores
url https://usn.ubuntu.com/2649-1/
fixed_packages
0
url pkg:deb/debian/devscripts@2.14.11~bpo70%2B1
purl pkg:deb/debian/devscripts@2.14.11~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z79-jx8a-zkcm
1
vulnerability VCID-cysk-j1yr-3qdv
2
vulnerability VCID-mgfq-yh9z-tkg3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.14.11~bpo70%252B1
aliases CVE-2014-1833
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9p7y-4219-hqct
1
url VCID-etcn-cjk5-6qg9
vulnerability_id VCID-etcn-cjk5-6qg9
summary Uscan in devscripts 2.13.5, when USCAN_EXCLUSION is enabled, allows remote attackers to delete arbitrary files via a whitespace character in a filename.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7085
reference_id
reference_type
scores
0
value 0.00995
scoring_system epss
scoring_elements 0.77284
published_at 2026-06-04T12:55:00Z
1
value 0.00995
scoring_system epss
scoring_elements 0.77314
published_at 2026-06-05T12:55:00Z
2
value 0.00995
scoring_system epss
scoring_elements 0.77324
published_at 2026-06-06T12:55:00Z
3
value 0.00995
scoring_system epss
scoring_elements 0.77313
published_at 2026-06-07T12:55:00Z
4
value 0.00995
scoring_system epss
scoring_elements 0.77304
published_at 2026-06-08T12:55:00Z
5
value 0.00995
scoring_system epss
scoring_elements 0.77325
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7085
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7085
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7085
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732006
reference_id 732006
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732006
fixed_packages
0
url pkg:deb/debian/devscripts@2.14.11~bpo70%2B1
purl pkg:deb/debian/devscripts@2.14.11~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z79-jx8a-zkcm
1
vulnerability VCID-cysk-j1yr-3qdv
2
vulnerability VCID-mgfq-yh9z-tkg3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.14.11~bpo70%252B1
aliases CVE-2013-7085
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-etcn-cjk5-6qg9
2
url VCID-gqmx-evc6-g7bg
vulnerability_id VCID-gqmx-evc6-g7bg
summary An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7325
reference_id
reference_type
scores
0
value 0.00514
scoring_system epss
scoring_elements 0.66932
published_at 2026-06-04T12:55:00Z
1
value 0.00514
scoring_system epss
scoring_elements 0.66973
published_at 2026-06-05T12:55:00Z
2
value 0.00514
scoring_system epss
scoring_elements 0.66981
published_at 2026-06-06T12:55:00Z
3
value 0.00514
scoring_system epss
scoring_elements 0.66965
published_at 2026-06-07T12:55:00Z
4
value 0.00514
scoring_system epss
scoring_elements 0.66949
published_at 2026-06-08T12:55:00Z
5
value 0.00514
scoring_system epss
scoring_elements 0.66966
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7325
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6888
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6888
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7325
fixed_packages
0
url pkg:deb/debian/devscripts@2.12.6%2Bdeb7u2
purl pkg:deb/debian/devscripts@2.12.6%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z79-jx8a-zkcm
1
vulnerability VCID-9p7y-4219-hqct
2
vulnerability VCID-cysk-j1yr-3qdv
3
vulnerability VCID-etcn-cjk5-6qg9
4
vulnerability VCID-gqmx-evc6-g7bg
5
vulnerability VCID-gxym-pwy8-8qar
6
vulnerability VCID-mgfq-yh9z-tkg3
7
vulnerability VCID-qt1f-96zf-xbfw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.12.6%252Bdeb7u2
1
url pkg:deb/debian/devscripts@2.14.11~bpo70%2B1
purl pkg:deb/debian/devscripts@2.14.11~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z79-jx8a-zkcm
1
vulnerability VCID-cysk-j1yr-3qdv
2
vulnerability VCID-mgfq-yh9z-tkg3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.14.11~bpo70%252B1
aliases CVE-2013-7325
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqmx-evc6-g7bg
3
url VCID-gxym-pwy8-8qar
vulnerability_id VCID-gxym-pwy8-8qar
summary Uscan in devscripts before 2.13.9 allows remote attackers to execute arbitrary code via a crafted tarball.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6888
reference_id
reference_type
scores
0
value 0.02539
scoring_system epss
scoring_elements 0.85735
published_at 2026-06-04T12:55:00Z
1
value 0.02539
scoring_system epss
scoring_elements 0.85757
published_at 2026-06-05T12:55:00Z
2
value 0.02539
scoring_system epss
scoring_elements 0.85759
published_at 2026-06-06T12:55:00Z
3
value 0.02539
scoring_system epss
scoring_elements 0.85756
published_at 2026-06-07T12:55:00Z
4
value 0.02539
scoring_system epss
scoring_elements 0.8574
published_at 2026-06-08T12:55:00Z
5
value 0.02539
scoring_system epss
scoring_elements 0.85754
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6888
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6888
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6888
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7325
3
reference_url https://usn.ubuntu.com/2084-1/
reference_id USN-2084-1
reference_type
scores
url https://usn.ubuntu.com/2084-1/
fixed_packages
0
url pkg:deb/debian/devscripts@2.12.6%2Bdeb7u2
purl pkg:deb/debian/devscripts@2.12.6%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z79-jx8a-zkcm
1
vulnerability VCID-9p7y-4219-hqct
2
vulnerability VCID-cysk-j1yr-3qdv
3
vulnerability VCID-etcn-cjk5-6qg9
4
vulnerability VCID-gqmx-evc6-g7bg
5
vulnerability VCID-gxym-pwy8-8qar
6
vulnerability VCID-mgfq-yh9z-tkg3
7
vulnerability VCID-qt1f-96zf-xbfw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.12.6%252Bdeb7u2
1
url pkg:deb/debian/devscripts@2.14.11~bpo70%2B1
purl pkg:deb/debian/devscripts@2.14.11~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z79-jx8a-zkcm
1
vulnerability VCID-cysk-j1yr-3qdv
2
vulnerability VCID-mgfq-yh9z-tkg3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.14.11~bpo70%252B1
aliases CVE-2013-6888
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gxym-pwy8-8qar
4
url VCID-qt1f-96zf-xbfw
vulnerability_id VCID-qt1f-96zf-xbfw
summary The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using USCAN_EXCLUSION, allows remote attackers to execute arbitrary commands via shell metacharacters in a directory name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7050
reference_id
reference_type
scores
0
value 0.00839
scoring_system epss
scoring_elements 0.75058
published_at 2026-06-04T12:55:00Z
1
value 0.00839
scoring_system epss
scoring_elements 0.75088
published_at 2026-06-05T12:55:00Z
2
value 0.00839
scoring_system epss
scoring_elements 0.75092
published_at 2026-06-06T12:55:00Z
3
value 0.00839
scoring_system epss
scoring_elements 0.75084
published_at 2026-06-07T12:55:00Z
4
value 0.00839
scoring_system epss
scoring_elements 0.7507
published_at 2026-06-08T12:55:00Z
5
value 0.00839
scoring_system epss
scoring_elements 0.75097
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7050
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7050
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731849
reference_id 731849
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731849
fixed_packages
0
url pkg:deb/debian/devscripts@2.14.11~bpo70%2B1
purl pkg:deb/debian/devscripts@2.14.11~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z79-jx8a-zkcm
1
vulnerability VCID-cysk-j1yr-3qdv
2
vulnerability VCID-mgfq-yh9z-tkg3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.14.11~bpo70%252B1
aliases CVE-2013-7050
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qt1f-96zf-xbfw
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/devscripts@2.14.11~bpo70%252B1