Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1?distro=trixie
Typedeb
Namespacedebian
Nameerlang
Version1:27.3.4.1+dfsg-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1:27.3.4.3+dfsg-1
Latest_non_vulnerable_version1:27.3.4.10+dfsg-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-vqnt-uyex-87fn
vulnerability_id VCID-vqnt-uyex-87fn
summary Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2, zip:extract/1, zip:extract/2 unless the memory option is passed. This issue affects OTP from OTP 17.0 until OTP 28.0.1, OTP 27.3.4.1 and OTP 26.2.5.13, corresponding to stdlib from 2.0 until 7.0.1, 6.2.2.1 and 5.2.3.4.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-4748
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.2609
published_at 2026-04-02T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.26131
published_at 2026-04-04T12:55:00Z
2
value 0.00108
scoring_system epss
scoring_elements 0.2905
published_at 2026-04-07T12:55:00Z
3
value 0.00108
scoring_system epss
scoring_elements 0.29161
published_at 2026-04-11T12:55:00Z
4
value 0.00108
scoring_system epss
scoring_elements 0.29155
published_at 2026-04-09T12:55:00Z
5
value 0.00108
scoring_system epss
scoring_elements 0.29113
published_at 2026-04-08T12:55:00Z
6
value 0.00375
scoring_system epss
scoring_elements 0.59144
published_at 2026-04-16T12:55:00Z
7
value 0.00375
scoring_system epss
scoring_elements 0.59107
published_at 2026-04-13T12:55:00Z
8
value 0.00375
scoring_system epss
scoring_elements 0.59126
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-4748
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4748
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4748
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107939
reference_id 1107939
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107939
4
reference_url https://github.com/erlang/otp/commit/578d4001575aa7647ea1efd4b2b7e3afadcc99a5
reference_id 578d4001575aa7647ea1efd4b2b7e3afadcc99a5
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://github.com/erlang/otp/commit/578d4001575aa7647ea1efd4b2b7e3afadcc99a5
5
reference_url https://github.com/erlang/otp/commit/5a55feec10c9b69189d56723d8f237afa58d5d4f
reference_id 5a55feec10c9b69189d56723d8f237afa58d5d4f
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://github.com/erlang/otp/commit/5a55feec10c9b69189d56723d8f237afa58d5d4f
6
reference_url https://github.com/erlang/otp/pull/9941
reference_id 9941
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://github.com/erlang/otp/pull/9941
7
reference_url https://security.archlinux.org/AVG-2900
reference_id AVG-2900
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2900
8
reference_url https://github.com/erlang/otp/commit/ba2f2bc5f45fcfd2d6201ba07990a678bbf4cc8f
reference_id ba2f2bc5f45fcfd2d6201ba07990a678bbf4cc8f
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://github.com/erlang/otp/commit/ba2f2bc5f45fcfd2d6201ba07990a678bbf4cc8f
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
10
reference_url https://cna.erlef.org/cves/CVE-2025-4748.html
reference_id CVE-2025-4748.html
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://cna.erlef.org/cves/CVE-2025-4748.html
11
reference_url https://osv.dev/vulnerability/EEF-CVE-2025-4748
reference_id EEF-CVE-2025-4748
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://osv.dev/vulnerability/EEF-CVE-2025-4748
12
reference_url https://github.com/erlang/otp/security/advisories/GHSA-9g37-pgj9-wrhc
reference_id GHSA-9g37-pgj9-wrhc
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://github.com/erlang/otp/security/advisories/GHSA-9g37-pgj9-wrhc
13
reference_url https://usn.ubuntu.com/7656-1/
reference_id USN-7656-1
reference_type
scores
url https://usn.ubuntu.com/7656-1/
14
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28fj-t5hy-x3gn
1
vulnerability VCID-gcn7-ak4r-eba3
2
vulnerability VCID-h1k4-x8vr-5bch
3
vulnerability VCID-j7t3-nrjj-pfgp
4
vulnerability VCID-s9qn-9qdm-j7ej
5
vulnerability VCID-w9yj-xg82-kyac
6
vulnerability VCID-wwcj-hwqc-f3g7
7
vulnerability VCID-xcks-117s-v3dd
8
vulnerability VCID-z6gs-aq96-gkaw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3%3Fdistro=trixie
4
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%3Fdistro=trixie
5
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-h1k4-x8vr-5bch
2
vulnerability VCID-j7t3-nrjj-pfgp
3
vulnerability VCID-s9qn-9qdm-j7ej
4
vulnerability VCID-w9yj-xg82-kyac
5
vulnerability VCID-wwcj-hwqc-f3g7
6
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
6
url pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-j7t3-nrjj-pfgp
2
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.9%252Bdfsg-1%3Fdistro=trixie
7
url pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2025-4748
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vqnt-uyex-87fn
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%3Fdistro=trixie