Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/vlc@2.0.7-1?distro=trixie

Type deb

Namespace debian

Name vlc

Version 2.0.7-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.1.0-1

Latest_non_vulnerable_version 3.0.23-3

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-fkhy-sgyz-cke9

vulnerability_id VCID-fkhy-sgyz-cke9

summary

Multiple vulnerabilities have been found in VLC, the worst of which
    could lead to user-assisted execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-3245

reference_id

reference_type

scores

value	0.01865
scoring_system	epss
scoring_elements	0.82996
published_at	2026-04-01T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83012
published_at	2026-04-02T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83026
published_at	2026-04-04T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83024
published_at	2026-04-07T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83048
published_at	2026-04-08T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83055
published_at	2026-04-09T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83071
published_at	2026-04-11T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83065
published_at	2026-04-12T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83061
published_at	2026-04-13T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83099
published_at	2026-04-16T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.831
published_at	2026-04-18T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83103
published_at	2026-04-21T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83126
published_at	2026-04-24T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83134
published_at	2026-04-26T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83141
published_at	2026-04-29T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83165
published_at	2026-05-05T12:55:00Z

value	0.01865
scoring_system	epss
scoring_elements	0.83187
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-3245

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245

reference_url

http://seclists.org/fulldisclosure/2013/Jul/71

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://seclists.org/fulldisclosure/2013/Jul/71

reference_url

http://seclists.org/fulldisclosure/2013/Jul/77

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://seclists.org/fulldisclosure/2013/Jul/77

reference_url

http://seclists.org/fulldisclosure/2013/Jul/79

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://seclists.org/fulldisclosure/2013/Jul/79

reference_url

http://secunia.com/advisories/52956

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://secunia.com/advisories/52956

reference_url

http://secunia.com/blog/372/

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://secunia.com/blog/372/

reference_url

http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia

reference_url

http://www.securityfocus.com/bid/61032

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://www.securityfocus.com/bid/61032

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.7:::::::*
reference_id	cpe:2.3:a:videolan:vlc_media_player:2.0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-3245

reference_id

CVE-2013-3245

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2013-3245

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.7-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.22-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.22-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.22-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-3245

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fkhy-sgyz-cke9

url VCID-kka1-ncqu-73cc

vulnerability_id VCID-kka1-ncqu-73cc

summary Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-3565

reference_id

reference_type

scores

value	0.00282
scoring_system	epss
scoring_elements	0.516
published_at	2026-04-24T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51606
published_at	2026-04-26T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51566
published_at	2026-04-29T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.5151
published_at	2026-05-05T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51559
published_at	2026-05-07T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60442
published_at	2026-04-09T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60463
published_at	2026-04-11T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60449
published_at	2026-04-12T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60307
published_at	2026-04-01T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.6047
published_at	2026-04-16T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60479
published_at	2026-04-18T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60469
published_at	2026-04-21T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.6043
published_at	2026-04-13T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60382
published_at	2026-04-02T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60409
published_at	2026-04-04T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60377
published_at	2026-04-07T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60426
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-3565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3565

fixed_packages

url	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.7-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.22-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.22-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.22-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-3565

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kka1-ncqu-73cc

url VCID-v2hu-wzmc-4ba9

vulnerability_id VCID-v2hu-wzmc-4ba9

summary The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-3564

reference_id

reference_type

scores

value	0.00233
scoring_system	epss
scoring_elements	0.46052
published_at	2026-04-01T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46092
published_at	2026-04-02T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46113
published_at	2026-04-09T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.4606
published_at	2026-04-07T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46116
published_at	2026-04-08T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46137
published_at	2026-04-11T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46109
published_at	2026-04-12T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46118
published_at	2026-04-13T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46175
published_at	2026-04-16T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46172
published_at	2026-04-18T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46117
published_at	2026-04-21T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46097
published_at	2026-04-24T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46106
published_at	2026-04-26T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46047
published_at	2026-04-29T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.45947
published_at	2026-05-05T12:55:00Z

value	0.00233
scoring_system	epss
scoring_elements	0.46011
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-3564

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3564
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3564

fixed_packages

url	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.7-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.22-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.22-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.22-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-3564

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v2hu-wzmc-4ba9

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.7-1%3Fdistro=trixie

Package Instance