Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/mercurial@4.7.1

Type pypi

Namespace

Name mercurial

Version 4.7.1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.9

Latest_non_vulnerable_version 4.9

Affected_by_vulnerabilities

url VCID-663k-g738-cfgk

vulnerability_id VCID-663k-g738-cfgk

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17983.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17983.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-17983

reference_id

reference_type

scores

value	0.00425
scoring_system	epss
scoring_elements	0.6275
published_at	2026-06-12T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62648
published_at	2026-06-11T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62762
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17983

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17983
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17983

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/advisories/GHSA-p575-cf9h-wv42

reference_id

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-p575-cf9h-wv42

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2018-91.yaml

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2018-91.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-17983

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-17983

reference_url

https://www.mercurial-scm.org/repo/hg/rev/5405cb1a7901

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.mercurial-scm.org/repo/hg/rev/5405cb1a7901

reference_url

https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.7.2_.282018-10-01.29

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.7.2_.282018-10-01.29

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1637556
reference_id	1637556
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1637556

reference_url	https://usn.ubuntu.com/5102-1/
reference_id	USN-5102-1
reference_type
scores
url	https://usn.ubuntu.com/5102-1/

reference_url	https://usn.ubuntu.com/USN-5102-2/
reference_id	USN-USN-5102-2
reference_type
scores
url	https://usn.ubuntu.com/USN-5102-2/

fixed_packages

url pkg:pypi/mercurial@4.7.2

purl pkg:pypi/mercurial@4.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-svk4-c8je-cug1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mercurial@4.7.2

aliases CVE-2018-17983, GHSA-p575-cf9h-wv42, PYSEC-2018-91

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-663k-g738-cfgk

url VCID-svk4-c8je-cug1

vulnerability_id VCID-svk4-c8je-cug1

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3902.json

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3902.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-3902

reference_id

reference_type

scores

value	0.00541
scoring_system	epss
scoring_elements	0.68208
published_at	2026-06-13T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.68107
published_at	2026-06-11T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.68196
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-3902

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3902

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3902

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3902
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3902

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2019-188.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2019-188.yaml

reference_url

https://lists.debian.org/debian-lts-announce/2019/04/msg00024.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/04/msg00024.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/07/msg00032.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/07/msg00032.html

reference_url

https://usn.ubuntu.com/4086-1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/4086-1

reference_url	https://usn.ubuntu.com/4086-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4086-1/

reference_url

https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.9_.282019-02-01.29

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.9_.282019-02-01.29

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1696025
reference_id	1696025
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1696025

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927674
reference_id	927674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927674

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-3902

reference_id

CVE-2019-3902

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-3902

reference_url

https://github.com/advisories/GHSA-mq66-vcfc-8246

reference_id

GHSA-mq66-vcfc-8246

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mq66-vcfc-8246

reference_url	https://usn.ubuntu.com/5102-1/
reference_id	USN-5102-1
reference_type
scores
url	https://usn.ubuntu.com/5102-1/

reference_url	https://usn.ubuntu.com/USN-5102-2/
reference_id	USN-USN-5102-2
reference_type
scores
url	https://usn.ubuntu.com/USN-5102-2/

fixed_packages

url	pkg:pypi/mercurial@4.9
purl	pkg:pypi/mercurial@4.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/mercurial@4.9

aliases CVE-2019-3902, GHSA-mq66-vcfc-8246, PYSEC-2019-188

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svk4-c8je-cug1

Fixing_vulnerabilities

Risk_score 4.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mercurial@4.7.1

Package Instance