Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/php-getid3@1.9.22%2Bdfsg-1?distro=trixie
Typedeb
Namespacedebian
Namephp-getid3
Version1.9.22+dfsg-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.9.23+dfsg-1
Latest_non_vulnerable_version1.9.25+dfsg-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1twr-du4b-h7h6
vulnerability_id VCID-1twr-du4b-h7h6
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in getID3 and allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40926
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.51704
published_at 2026-04-29T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.51696
published_at 2026-04-07T12:55:00Z
2
value 0.00284
scoring_system epss
scoring_elements 0.51751
published_at 2026-04-08T12:55:00Z
3
value 0.00284
scoring_system epss
scoring_elements 0.51747
published_at 2026-04-09T12:55:00Z
4
value 0.00284
scoring_system epss
scoring_elements 0.51797
published_at 2026-04-11T12:55:00Z
5
value 0.00284
scoring_system epss
scoring_elements 0.51776
published_at 2026-04-12T12:55:00Z
6
value 0.00284
scoring_system epss
scoring_elements 0.51759
published_at 2026-04-13T12:55:00Z
7
value 0.00284
scoring_system epss
scoring_elements 0.518
published_at 2026-04-16T12:55:00Z
8
value 0.00284
scoring_system epss
scoring_elements 0.51807
published_at 2026-04-18T12:55:00Z
9
value 0.00284
scoring_system epss
scoring_elements 0.51788
published_at 2026-04-21T12:55:00Z
10
value 0.00284
scoring_system epss
scoring_elements 0.51738
published_at 2026-04-24T12:55:00Z
11
value 0.00284
scoring_system epss
scoring_elements 0.51743
published_at 2026-04-26T12:55:00Z
12
value 0.00284
scoring_system epss
scoring_elements 0.5166
published_at 2026-04-01T12:55:00Z
13
value 0.00284
scoring_system epss
scoring_elements 0.5171
published_at 2026-04-02T12:55:00Z
14
value 0.00284
scoring_system epss
scoring_elements 0.51736
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40926
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40926
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40926
2
reference_url https://github.com/JamesHeinrich/getID3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/JamesHeinrich/getID3
3
reference_url https://github.com/JamesHeinrich/getID3/issues/341
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/JamesHeinrich/getID3/issues/341
4
reference_url https://github.com/JamesHeinrich/getID3/pull/342
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/JamesHeinrich/getID3/pull/342
5
reference_url https://github.com/JamesHeinrich/getID3/releases/tag/v1.9.21
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/JamesHeinrich/getID3/releases/tag/v1.9.21
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40926
reference_id CVE-2021-40926
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-40926
7
reference_url https://github.com/advisories/GHSA-x2gw-85w6-fjjw
reference_id GHSA-x2gw-85w6-fjjw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x2gw-85w6-fjjw
fixed_packages
0
url pkg:deb/debian/php-getid3@1.9.21%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/php-getid3@1.9.21%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-getid3@1.9.21%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/php-getid3@1.9.22%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/php-getid3@1.9.22%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-getid3@1.9.22%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/php-getid3@1.9.23%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/php-getid3@1.9.23%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-getid3@1.9.23%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/php-getid3@1.9.25%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/php-getid3@1.9.25%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-getid3@1.9.25%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2021-40926, GHSA-x2gw-85w6-fjjw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1twr-du4b-h7h6
1
url VCID-95zd-g97m-ekh3
vulnerability_id VCID-95zd-g97m-ekh3
summary 
getID3 is vulnerable to XML External Entity (XXE)
getID3() before 1.9.9, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
references
0
reference_url http://getid3.sourceforge.net/source/changelog.txt
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://getid3.sourceforge.net/source/changelog.txt
1
reference_url http://owncloud.org/about/security/advisories/oC-SA-2014-006
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://owncloud.org/about/security/advisories/oC-SA-2014-006
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2053
reference_id
reference_type
scores
0
value 0.0197
scoring_system epss
scoring_elements 0.83546
published_at 2026-04-11T12:55:00Z
1
value 0.0197
scoring_system epss
scoring_elements 0.83531
published_at 2026-04-09T12:55:00Z
2
value 0.0197
scoring_system epss
scoring_elements 0.83521
published_at 2026-04-08T12:55:00Z
3
value 0.0197
scoring_system epss
scoring_elements 0.83497
published_at 2026-04-07T12:55:00Z
4
value 0.0197
scoring_system epss
scoring_elements 0.8347
published_at 2026-04-01T12:55:00Z
5
value 0.0197
scoring_system epss
scoring_elements 0.83483
published_at 2026-04-02T12:55:00Z
6
value 0.0197
scoring_system epss
scoring_elements 0.8354
published_at 2026-04-12T12:55:00Z
7
value 0.03481
scoring_system epss
scoring_elements 0.87607
published_at 2026-04-29T12:55:00Z
8
value 0.03481
scoring_system epss
scoring_elements 0.87571
published_at 2026-04-13T12:55:00Z
9
value 0.03481
scoring_system epss
scoring_elements 0.87585
published_at 2026-04-16T12:55:00Z
10
value 0.03481
scoring_system epss
scoring_elements 0.87586
published_at 2026-04-18T12:55:00Z
11
value 0.03481
scoring_system epss
scoring_elements 0.87584
published_at 2026-04-21T12:55:00Z
12
value 0.03481
scoring_system epss
scoring_elements 0.87602
published_at 2026-04-24T12:55:00Z
13
value 0.03481
scoring_system epss
scoring_elements 0.87609
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2053
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5204
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5204
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5205
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5205
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5240
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5240
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5265
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5265
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5266
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5266
9
reference_url http://secunia.com/advisories/58002
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/58002
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/james-heinrich/getid3/CVE-2014-2053.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/james-heinrich/getid3/CVE-2014-2053.yaml
11
reference_url https://github.com/JamesHeinrich/getID3
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/JamesHeinrich/getID3
12
reference_url https://github.com/JamesHeinrich/getID3/commit/afbdaa044a9a0a9dff2f800bd670e231b3ec99b2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/JamesHeinrich/getID3/commit/afbdaa044a9a0a9dff2f800bd670e231b3ec99b2
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2053
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2053
14
reference_url https://wordpress.org/news/2014/08/wordpress-3-9-2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://wordpress.org/news/2014/08/wordpress-3-9-2
15
reference_url http://www.debian.org/security/2014/dsa-3001
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-3001
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757312
reference_id 757312
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757312
17
reference_url https://github.com/advisories/GHSA-5v43-55m5-qr8f
reference_id GHSA-5v43-55m5-qr8f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5v43-55m5-qr8f
fixed_packages
0
url pkg:deb/debian/php-getid3@1.9.7-2?distro=trixie
purl pkg:deb/debian/php-getid3@1.9.7-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-getid3@1.9.7-2%3Fdistro=trixie
1
url pkg:deb/debian/php-getid3@1.9.20%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/php-getid3@1.9.20%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1twr-du4b-h7h6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-getid3@1.9.20%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/php-getid3@1.9.22%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/php-getid3@1.9.22%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-getid3@1.9.22%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/php-getid3@1.9.23%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/php-getid3@1.9.23%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-getid3@1.9.23%252Bdfsg-1%3Fdistro=trixie
4
url pkg:deb/debian/php-getid3@1.9.25%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/php-getid3@1.9.25%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-getid3@1.9.25%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-2053, GHSA-5v43-55m5-qr8f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95zd-g97m-ekh3
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/php-getid3@1.9.22%252Bdfsg-1%3Fdistro=trixie