Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libcloud@3.8.0%2Brepack-6?distro=trixie

Type deb

Namespace debian

Name libcloud

Version 3.8.0+repack-6

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1h9v-4gy1-4fdk

vulnerability_id VCID-1h9v-4gy1-4fdk

summary libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.

references

reference_url

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598463

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598463

reference_url

http://mail-archives.apache.org/mod_mbox/incubator-libcloud/201009.mbox/%3C5860913.463891285776633273.JavaMail.jira@thor%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://mail-archives.apache.org/mod_mbox/incubator-libcloud/201009.mbox/%3C5860913.463891285776633273.JavaMail.jira@thor%3E

reference_url

http://mail-archives.apache.org/mod_mbox/incubator-libcloud/201011.mbox/browser

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://mail-archives.apache.org/mod_mbox/incubator-libcloud/201011.mbox/browser

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-4340

reference_id

reference_type

scores

value	0.00185
scoring_system	epss
scoring_elements	0.40081
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-4340

reference_url

https://bugs.python.org/issue1589

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.python.org/issue1589

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4340
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4340

reference_url	https://github.com/advisories/GHSA-w3j6-8j34-q43x
reference_id
reference_type
scores
url	https://github.com/advisories/GHSA-w3j6-8j34-q43x

reference_url

https://github.com/apache/libcloud

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/libcloud

reference_url

https://github.com/apache/libcloud/commit/87ee61e6ba03a43dcefea2ce180988bec066b6fd

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/libcloud/commit/87ee61e6ba03a43dcefea2ce180988bec066b6fd

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/apache-libcloud/PYSEC-2011-24.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/apache-libcloud/PYSEC-2011-24.yaml

reference_url

https://issues.apache.org/jira/browse/LIBCLOUD-55

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/LIBCLOUD-55

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-4340

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2010-4340

reference_url

http://wiki.apache.org/incubator/LibcloudSSL

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://wiki.apache.org/incubator/LibcloudSSL

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598463
reference_id	598463
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598463

fixed_packages

url	pkg:deb/debian/libcloud@0.5.0-1?distro=trixie
purl	pkg:deb/debian/libcloud@0.5.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@0.5.0-1%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.2.0-2?distro=trixie
purl	pkg:deb/debian/libcloud@3.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.2.0-2%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.4.1-5?distro=trixie
purl	pkg:deb/debian/libcloud@3.4.1-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.4.1-5%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.8.0%2Brepack-4?distro=trixie
purl	pkg:deb/debian/libcloud@3.8.0%2Brepack-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.8.0%252Brepack-4%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.8.0%2Brepack-6?distro=trixie
purl	pkg:deb/debian/libcloud@3.8.0%2Brepack-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.8.0%252Brepack-6%3Fdistro=trixie

aliases CVE-2010-4340, GHSA-w3j6-8j34-q43x, PYSEC-2011-24

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1h9v-4gy1-4fdk

url VCID-h1cz-7c9e-wfer

vulnerability_id VCID-h1cz-7c9e-wfer

summary Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.

references

reference_url

http://libcloud.apache.org/security.html

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://libcloud.apache.org/security.html

reference_url

http://lists.opensuse.org/opensuse-updates/2014-02/msg00015.html

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2014-02/msg00015.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6480

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68911
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6480

reference_url	https://digitalocean.com/blog_posts/transparency-regarding-data-security
reference_id
reference_type
scores
url	https://digitalocean.com/blog_posts/transparency-regarding-data-security

reference_url	http://seclists.org/bugtraq/2014/Jan/5
reference_id
reference_type
scores
url	http://seclists.org/bugtraq/2014/Jan/5

reference_url	https://github.com/advisories/GHSA-g892-9h8m-r69r
reference_id
reference_type
scores
url	https://github.com/advisories/GHSA-g892-9h8m-r69r

reference_url

https://github.com/apache/libcloud

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/libcloud

reference_url

https://github.com/apache/libcloud/blob/abba8c1719a8bda6db8efde2d46fd1b423ae4304/CHANGES.rst#compute-48

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/libcloud/blob/abba8c1719a8bda6db8efde2d46fd1b423ae4304/CHANGES.rst#compute-48

reference_url

https://github.com/apache/libcloud/commit/4449e165a00756dc61430e6ad9520f005b045d29

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/libcloud/commit/4449e165a00756dc61430e6ad9520f005b045d29

reference_url

https://github.com/fog/fog/issues/2525

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/fog/fog/issues/2525

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/apache-libcloud/PYSEC-2014-97.yaml

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/apache-libcloud/PYSEC-2014-97.yaml

reference_url

https://issues.apache.org/jira/browse/LIBCLOUD-487

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/LIBCLOUD-487

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-6480

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-6480

reference_url

https://web.archive.org/web/20131230232003/https://digitalocean.com/blog_posts/transparency-regarding-data-security

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20131230232003/https://digitalocean.com/blog_posts/transparency-regarding-data-security

reference_url

https://web.archive.org/web/20140129025443/http://www.securityfocus.com/bid/64617

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20140129025443/http://www.securityfocus.com/bid/64617

reference_url

https://web.archive.org/web/20201209074449/http://www.securityfocus.com/archive/1/530624/100/0/threaded

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201209074449/http://www.securityfocus.com/archive/1/530624/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/530624/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/530624/100/0/threaded

reference_url	http://www.securityfocus.com/bid/64617
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/64617

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/38937.txt
reference_id	CVE-2013-6480;OSVDB-102434
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/38937.txt

reference_url	https://www.securityfocus.com/bid/64617/info
reference_id	CVE-2013-6480;OSVDB-102434
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/64617/info

fixed_packages

url	pkg:deb/debian/libcloud@0?distro=trixie
purl	pkg:deb/debian/libcloud@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@0%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.2.0-2?distro=trixie
purl	pkg:deb/debian/libcloud@3.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.2.0-2%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.4.1-5?distro=trixie
purl	pkg:deb/debian/libcloud@3.4.1-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.4.1-5%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.8.0%2Brepack-4?distro=trixie
purl	pkg:deb/debian/libcloud@3.8.0%2Brepack-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.8.0%252Brepack-4%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.8.0%2Brepack-6?distro=trixie
purl	pkg:deb/debian/libcloud@3.8.0%2Brepack-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.8.0%252Brepack-6%3Fdistro=trixie

aliases CVE-2013-6480, GHSA-g892-9h8m-r69r, PYSEC-2014-97

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h1cz-7c9e-wfer

url VCID-qs6b-39bx-qbda

vulnerability_id VCID-qs6b-39bx-qbda

summary Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.

references

reference_url	http://libcloud.apache.org/security.html
reference_id
reference_type
scores
url	http://libcloud.apache.org/security.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-3446

reference_id

reference_type

scores

value	0.00336
scoring_system	epss
scoring_elements	0.56841
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-3446

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3446
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3446

reference_url	https://github.com/advisories/GHSA-prcq-52f8-fp44
reference_id
reference_type
scores
url	https://github.com/advisories/GHSA-prcq-52f8-fp44

reference_url

https://github.com/apache/libcloud

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/libcloud

reference_url

https://github.com/apache/libcloud/commit/f2af5502dae3ac63e656dd1b7d5f29cc82ded401

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/libcloud/commit/f2af5502dae3ac63e656dd1b7d5f29cc82ded401

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/apache-libcloud/PYSEC-2012-12.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/apache-libcloud/PYSEC-2012-12.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-3446

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-3446

reference_url

https://svn.apache.org/repos/asf/libcloud/trunk/CHANGES

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/repos/asf/libcloud/trunk/CHANGES

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683927
reference_id	683927
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683927

fixed_packages

url	pkg:deb/debian/libcloud@0.5.0-1.1?distro=trixie
purl	pkg:deb/debian/libcloud@0.5.0-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@0.5.0-1.1%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.2.0-2?distro=trixie
purl	pkg:deb/debian/libcloud@3.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.2.0-2%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.4.1-5?distro=trixie
purl	pkg:deb/debian/libcloud@3.4.1-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.4.1-5%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.8.0%2Brepack-4?distro=trixie
purl	pkg:deb/debian/libcloud@3.8.0%2Brepack-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.8.0%252Brepack-4%3Fdistro=trixie

url	pkg:deb/debian/libcloud@3.8.0%2Brepack-6?distro=trixie
purl	pkg:deb/debian/libcloud@3.8.0%2Brepack-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.8.0%252Brepack-6%3Fdistro=trixie

aliases CVE-2012-3446, GHSA-prcq-52f8-fp44, PYSEC-2012-12

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qs6b-39bx-qbda

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcloud@3.8.0%252Brepack-6%3Fdistro=trixie

Package Instance