Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/Apache.Avro@1.9.1
Type nuget
Namespace
Name Apache.Avro
Version 1.9.1
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 1.11.3
Latest_non_vulnerable_version 1.11.3
Affected_by_vulnerabilities
0
url VCID-6yqn-2w2d-3yd3
vulnerability_id VCID-6yqn-2w2d-3yd3
summary
When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.

This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro version 1.11.3 which addresses this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39410.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39410.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-39410
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.1896
published_at 2026-04-21T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.18951
published_at 2026-04-18T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.18938
published_at 2026-04-16T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.18984
published_at 2026-04-13T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19036
published_at 2026-04-12T12:55:00Z
5
value 0.00061
scoring_system epss
scoring_elements 0.19227
published_at 2026-04-04T12:55:00Z
6
value 0.00061
scoring_system epss
scoring_elements 0.19082
published_at 2026-04-11T12:55:00Z
7
value 0.00061
scoring_system epss
scoring_elements 0.19077
published_at 2026-04-09T12:55:00Z
8
value 0.00061
scoring_system epss
scoring_elements 0.19023
published_at 2026-04-08T12:55:00Z
9
value 0.00061
scoring_system epss
scoring_elements 0.18943
published_at 2026-04-07T12:55:00Z
10
value 0.00061
scoring_system epss
scoring_elements 0.19175
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-39410
2
reference_url https://github.com/apache/avro
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/avro
3
reference_url https://github.com/apache/avro/commit/a12a7e44ddbe060c3dc731863cad5c15f9267828
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/avro/commit/a12a7e44ddbe060c3dc731863cad5c15f9267828
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/avro/PYSEC-2023-188.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/avro/PYSEC-2023-188.yaml
5
reference_url https://issues.apache.org/jira/browse/AVRO-3819
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AVRO-3819
6
reference_url https://lists.apache.org/thread/q142wj99cwdd0jo5lvdoxzoymlqyjdds
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:07:20Z/
url https://lists.apache.org/thread/q142wj99cwdd0jo5lvdoxzoymlqyjdds
7
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
8
reference_url https://www.openwall.com/lists/oss-security/2023/09/29/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:07:20Z/
url https://www.openwall.com/lists/oss-security/2023/09/29/6
9
reference_url http://www.openwall.com/lists/oss-security/2023/09/29/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/09/29/6
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2242521
reference_id 2242521
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2242521
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-39410
reference_id CVE-2023-39410
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-39410
12
reference_url https://github.com/advisories/GHSA-rhrv-645h-fjfh
reference_id GHSA-rhrv-645h-fjfh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rhrv-645h-fjfh
13
reference_url https://access.redhat.com/errata/RHSA-2023:7617
reference_id RHSA-2023:7617
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7617
fixed_packages
0
url pkg:nuget/Apache.Avro@1.11.3
purl pkg:nuget/Apache.Avro@1.11.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Apache.Avro@1.11.3
aliases CVE-2023-39410, GHSA-rhrv-645h-fjfh, PYSEC-2023-188
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6yqn-2w2d-3yd3
1
url VCID-keum-zdsz-s3by
vulnerability_id VCID-keum-zdsz-s3by
summary
Allocation of Resources Without Limits or Throttling in Apache Avro
A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro and prior versions. Users should update to which addresses this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43045.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43045.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-43045
reference_id
reference_type
scores
0
value 0.0037
scoring_system epss
scoring_elements 0.58883
published_at 2026-04-21T12:55:00Z
1
value 0.0037
scoring_system epss
scoring_elements 0.58762
published_at 2026-04-01T12:55:00Z
2
value 0.0037
scoring_system epss
scoring_elements 0.58837
published_at 2026-04-02T12:55:00Z
3
value 0.0037
scoring_system epss
scoring_elements 0.58859
published_at 2026-04-04T12:55:00Z
4
value 0.0037
scoring_system epss
scoring_elements 0.58828
published_at 2026-04-07T12:55:00Z
5
value 0.0037
scoring_system epss
scoring_elements 0.58879
published_at 2026-04-08T12:55:00Z
6
value 0.0037
scoring_system epss
scoring_elements 0.58886
published_at 2026-04-09T12:55:00Z
7
value 0.0037
scoring_system epss
scoring_elements 0.58903
published_at 2026-04-11T12:55:00Z
8
value 0.0037
scoring_system epss
scoring_elements 0.58885
published_at 2026-04-12T12:55:00Z
9
value 0.0037
scoring_system epss
scoring_elements 0.58866
published_at 2026-04-13T12:55:00Z
10
value 0.0037
scoring_system epss
scoring_elements 0.58899
published_at 2026-04-16T12:55:00Z
11
value 0.0037
scoring_system epss
scoring_elements 0.58904
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-43045
2
reference_url https://github.com/apache/avro
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/avro
3
reference_url https://github.com/apache/avro/pull/1357
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/avro/pull/1357
4
reference_url https://issues.apache.org/jira/browse/AVRO-3225
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AVRO-3225
5
reference_url https://issues.apache.org/jira/browse/AVRO-3226
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AVRO-3226
6
reference_url https://lists.apache.org/thread/5fttw9vk6gd2p3b846nox7hcj5469xfd
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/5fttw9vk6gd2p3b846nox7hcj5469xfd
7
reference_url http://www.openwall.com/lists/oss-security/2022/01/06/8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/01/06/8
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2042576
reference_id 2042576
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2042576
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-43045
reference_id CVE-2021-43045
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-43045
10
reference_url https://github.com/advisories/GHSA-868x-rg4c-cjqg
reference_id GHSA-868x-rg4c-cjqg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-868x-rg4c-cjqg
fixed_packages
0
url pkg:nuget/Apache.Avro@1.11.0
purl pkg:nuget/Apache.Avro@1.11.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6yqn-2w2d-3yd3
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Apache.Avro@1.11.0
aliases CVE-2021-43045, GHSA-868x-rg4c-cjqg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-keum-zdsz-s3by
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Apache.Avro@1.9.1