Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u1?distro=trixie
Type deb
Namespace debian
Name gst-plugins-ugly1.0
Version 1.22.0-2+deb12u1
Qualifiers
distro trixie
Subpath
Is_vulnerable false
Next_non_vulnerable_version 1.22.0-2+deb12u2
Latest_non_vulnerable_version 1.28.3-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6td5-neas-w3ez
vulnerability_id VCID-6td5-neas-w3ez
summary GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MDPR chunks. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21443.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38103.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38103.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38103
reference_id
reference_type
scores
0
value 0.07862
scoring_system epss
scoring_elements 0.92172
published_at 2026-06-09T12:55:00Z
1
value 0.07862
scoring_system epss
scoring_elements 0.92161
published_at 2026-06-05T12:55:00Z
2
value 0.07862
scoring_system epss
scoring_elements 0.92159
published_at 2026-06-06T12:55:00Z
3
value 0.07862
scoring_system epss
scoring_elements 0.92157
published_at 2026-06-07T12:55:00Z
4
value 0.07862
scoring_system epss
scoring_elements 0.92158
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38103
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38103
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38103
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38104
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38104
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://gitlab.freedesktop.org/gstreamer/gstreamer/uploads/d4a0aa4ec2165f6c418703b9e1459d8b/0002-rmdemux-Check-for-integer-overflow-when-calculation-.patch
reference_id 0002-rmdemux-Check-for-integer-overflow-when-calculation-.patch
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T13:16:14Z/
url https://gitlab.freedesktop.org/gstreamer/gstreamer/uploads/d4a0aa4ec2165f6c418703b9e1459d8b/0002-rmdemux-Check-for-integer-overflow-when-calculation-.patch
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043501
reference_id 1043501
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043501
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2333312
reference_id 2333312
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2333312
8
reference_url https://www.zerodayinitiative.com/advisories/ZDI-23-1007/
reference_id ZDI-23-1007
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T13:16:14Z/
url https://www.zerodayinitiative.com/advisories/ZDI-23-1007/
fixed_packages
0
url pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/gst-plugins-ugly1.0@1.22.5-1?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.22.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.22.5-1%3Fdistro=trixie
4
url pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/gst-plugins-ugly1.0@1.28.3-1?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.28.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.28.3-1%3Fdistro=trixie
aliases CVE-2023-38103
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6td5-neas-w3ez
1
url VCID-erce-urtq-uyga
vulnerability_id VCID-erce-urtq-uyga
summary GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MDPR chunks. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21444.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38104
reference_id
reference_type
scores
0
value 0.04974
scoring_system epss
scoring_elements 0.89876
published_at 2026-06-08T12:55:00Z
1
value 0.04974
scoring_system epss
scoring_elements 0.89891
published_at 2026-06-09T12:55:00Z
2
value 0.04974
scoring_system epss
scoring_elements 0.89875
published_at 2026-06-07T12:55:00Z
3
value 0.04974
scoring_system epss
scoring_elements 0.89877
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38104
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38103
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38103
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38104
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38104
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://gitlab.freedesktop.org/gstreamer/gstreamer/uploads/d4a0aa4ec2165f6c418703b9e1459d8b/0002-rmdemux-Check-for-integer-overflow-when-calculation-.patch
reference_id 0002-rmdemux-Check-for-integer-overflow-when-calculation-.patch
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T18:20:23Z/
url https://gitlab.freedesktop.org/gstreamer/gstreamer/uploads/d4a0aa4ec2165f6c418703b9e1459d8b/0002-rmdemux-Check-for-integer-overflow-when-calculation-.patch
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043501
reference_id 1043501
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043501
6
reference_url https://www.zerodayinitiative.com/advisories/ZDI-23-1008/
reference_id ZDI-23-1008
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T18:20:23Z/
url https://www.zerodayinitiative.com/advisories/ZDI-23-1008/
fixed_packages
0
url pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/gst-plugins-ugly1.0@1.22.5-1?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.22.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.22.5-1%3Fdistro=trixie
4
url pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/gst-plugins-ugly1.0@1.28.3-1?distro=trixie
purl pkg:deb/debian/gst-plugins-ugly1.0@1.28.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.28.3-1%3Fdistro=trixie
aliases CVE-2023-38104
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-erce-urtq-uyga
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%252Bdeb12u1%3Fdistro=trixie