Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/cacti@1.2.30%2Bds1-1
Typedeb
Namespacedebian
Namecacti
Version1.2.30+ds1-1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4e5y-1s19-r7g7
vulnerability_id VCID-4e5y-1s19-r7g7
summary Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters (including newlines) that are accepted, stored verbatim in the database, and later embedded into backend SNMP operations. In environments where downstream SNMP tooling or wrappers interpret newline-separated tokens as command boundaries, this can lead to unintended command execution with the privileges of the Cacti process. This vulnerability is fixed in 1.2.29.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66399
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.54907
published_at 2026-05-05T12:55:00Z
1
value 0.00319
scoring_system epss
scoring_elements 0.55052
published_at 2026-05-14T12:55:00Z
2
value 0.00319
scoring_system epss
scoring_elements 0.54992
published_at 2026-05-12T12:55:00Z
3
value 0.00319
scoring_system epss
scoring_elements 0.54966
published_at 2026-05-11T12:55:00Z
4
value 0.00319
scoring_system epss
scoring_elements 0.55007
published_at 2026-05-09T12:55:00Z
5
value 0.00319
scoring_system epss
scoring_elements 0.54949
published_at 2026-05-07T12:55:00Z
6
value 0.00353
scoring_system epss
scoring_elements 0.57639
published_at 2026-04-02T12:55:00Z
7
value 0.00456
scoring_system epss
scoring_elements 0.63923
published_at 2026-04-11T12:55:00Z
8
value 0.00456
scoring_system epss
scoring_elements 0.63909
published_at 2026-04-12T12:55:00Z
9
value 0.00456
scoring_system epss
scoring_elements 0.63876
published_at 2026-04-13T12:55:00Z
10
value 0.00456
scoring_system epss
scoring_elements 0.63912
published_at 2026-04-21T12:55:00Z
11
value 0.00456
scoring_system epss
scoring_elements 0.63921
published_at 2026-04-18T12:55:00Z
12
value 0.00456
scoring_system epss
scoring_elements 0.63927
published_at 2026-04-24T12:55:00Z
13
value 0.00456
scoring_system epss
scoring_elements 0.63939
published_at 2026-04-26T12:55:00Z
14
value 0.00456
scoring_system epss
scoring_elements 0.63937
published_at 2026-04-29T12:55:00Z
15
value 0.00456
scoring_system epss
scoring_elements 0.6391
published_at 2026-04-09T12:55:00Z
16
value 0.00456
scoring_system epss
scoring_elements 0.63893
published_at 2026-04-08T12:55:00Z
17
value 0.00456
scoring_system epss
scoring_elements 0.63842
published_at 2026-04-07T12:55:00Z
18
value 0.00456
scoring_system epss
scoring_elements 0.63885
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66399
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66399
2
reference_url https://github.com/Cacti/cacti/security/advisories/GHSA-c7rr-2h93-7gjf
reference_id GHSA-c7rr-2h93-7gjf
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-02T18:25:47Z/
url https://github.com/Cacti/cacti/security/advisories/GHSA-c7rr-2h93-7gjf
fixed_packages
0
url pkg:deb/debian/cacti@1.2.30%2Bds1-1
purl pkg:deb/debian/cacti@1.2.30%2Bds1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1
aliases CVE-2025-66399
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4e5y-1s19-r7g7
1
url VCID-pxqa-nkv3-jqfs
vulnerability_id VCID-pxqa-nkv3-jqfs
summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30534
reference_id
reference_type
scores
0
value 0.48534
scoring_system epss
scoring_elements 0.97733
published_at 2026-04-02T12:55:00Z
1
value 0.48534
scoring_system epss
scoring_elements 0.97735
published_at 2026-04-07T12:55:00Z
2
value 0.48534
scoring_system epss
scoring_elements 0.9774
published_at 2026-04-08T12:55:00Z
3
value 0.48534
scoring_system epss
scoring_elements 0.97744
published_at 2026-04-09T12:55:00Z
4
value 0.48534
scoring_system epss
scoring_elements 0.97746
published_at 2026-04-11T12:55:00Z
5
value 0.48534
scoring_system epss
scoring_elements 0.97749
published_at 2026-04-12T12:55:00Z
6
value 0.48534
scoring_system epss
scoring_elements 0.9775
published_at 2026-04-13T12:55:00Z
7
value 0.48534
scoring_system epss
scoring_elements 0.97756
published_at 2026-04-16T12:55:00Z
8
value 0.48534
scoring_system epss
scoring_elements 0.97759
published_at 2026-04-26T12:55:00Z
9
value 0.48534
scoring_system epss
scoring_elements 0.97758
published_at 2026-04-24T12:55:00Z
10
value 0.5495
scoring_system epss
scoring_elements 0.98065
published_at 2026-05-07T12:55:00Z
11
value 0.5495
scoring_system epss
scoring_elements 0.98066
published_at 2026-05-11T12:55:00Z
12
value 0.5495
scoring_system epss
scoring_elements 0.98069
published_at 2026-05-12T12:55:00Z
13
value 0.5495
scoring_system epss
scoring_elements 0.98074
published_at 2026-05-14T12:55:00Z
14
value 0.5495
scoring_system epss
scoring_elements 0.9806
published_at 2026-04-29T12:55:00Z
15
value 0.5495
scoring_system epss
scoring_elements 0.98068
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30534
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30534
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30534
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/
reference_id CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:08:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/
3
reference_url https://www.fastly.com/blog/cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25
reference_id cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:08:26Z/
url https://www.fastly.com/blog/cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25
4
reference_url https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p
reference_id GHSA-77rf-774j-6h3p
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:08:26Z/
url https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p
5
reference_url https://security.gentoo.org/glsa/202412-02
reference_id GLSA-202412-02
reference_type
scores
url https://security.gentoo.org/glsa/202412-02
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/
reference_id WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:08:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/
reference_id WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:08:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/
fixed_packages
0
url pkg:deb/debian/cacti@1.2.30%2Bds1-1
purl pkg:deb/debian/cacti@1.2.30%2Bds1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1
aliases CVE-2023-30534
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pxqa-nkv3-jqfs
2
url VCID-xkkm-ss3p-1udc
vulnerability_id VCID-xkkm-ss3p-1udc
summary SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46490
reference_id
reference_type
scores
0
value 0.00207
scoring_system epss
scoring_elements 0.42908
published_at 2026-05-14T12:55:00Z
1
value 0.00207
scoring_system epss
scoring_elements 0.42842
published_at 2026-05-12T12:55:00Z
2
value 0.00207
scoring_system epss
scoring_elements 0.43071
published_at 2026-04-02T12:55:00Z
3
value 0.00207
scoring_system epss
scoring_elements 0.43098
published_at 2026-04-04T12:55:00Z
4
value 0.00207
scoring_system epss
scoring_elements 0.43037
published_at 2026-04-07T12:55:00Z
5
value 0.00207
scoring_system epss
scoring_elements 0.4309
published_at 2026-04-12T12:55:00Z
6
value 0.00207
scoring_system epss
scoring_elements 0.43102
published_at 2026-04-09T12:55:00Z
7
value 0.00207
scoring_system epss
scoring_elements 0.43124
published_at 2026-04-11T12:55:00Z
8
value 0.00207
scoring_system epss
scoring_elements 0.43075
published_at 2026-04-13T12:55:00Z
9
value 0.00207
scoring_system epss
scoring_elements 0.43135
published_at 2026-04-16T12:55:00Z
10
value 0.00207
scoring_system epss
scoring_elements 0.43125
published_at 2026-04-18T12:55:00Z
11
value 0.00207
scoring_system epss
scoring_elements 0.4306
published_at 2026-04-21T12:55:00Z
12
value 0.00207
scoring_system epss
scoring_elements 0.42994
published_at 2026-04-24T12:55:00Z
13
value 0.00207
scoring_system epss
scoring_elements 0.42996
published_at 2026-04-26T12:55:00Z
14
value 0.00207
scoring_system epss
scoring_elements 0.42915
published_at 2026-04-29T12:55:00Z
15
value 0.00207
scoring_system epss
scoring_elements 0.42778
published_at 2026-05-05T12:55:00Z
16
value 0.00207
scoring_system epss
scoring_elements 0.42855
published_at 2026-05-07T12:55:00Z
17
value 0.00207
scoring_system epss
scoring_elements 0.42873
published_at 2026-05-09T12:55:00Z
18
value 0.00207
scoring_system epss
scoring_elements 0.42813
published_at 2026-05-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46490
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46490
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46490
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059286
reference_id 1059286
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059286
3
reference_url https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53
reference_id a95632111138fcd7ccf7432ccb145b53
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T14:48:55Z/
url https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53
4
reference_url https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c
reference_id GHSA-f4r3-53jr-654c
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T14:48:55Z/
url https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c
fixed_packages
0
url pkg:deb/debian/cacti@1.2.30%2Bds1-1
purl pkg:deb/debian/cacti@1.2.30%2Bds1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1
aliases CVE-2023-46490
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xkkm-ss3p-1udc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1