Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/zabbix-frontend-php@5.2.5-1
Typealpm
Namespacearchlinux
Namezabbix-frontend-php
Version5.2.5-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.2.6-1
Latest_non_vulnerable_version5.2.6-1
Affected_by_vulnerabilities
0
url VCID-upzh-6yjy-tff3
vulnerability_id VCID-upzh-6yjy-tff3
summary In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection mechanism. The code inside this controller calls diableSIDValidation inside the init() method. An attacker doesn't have to know Zabbix user login credentials, but has to know the correct Zabbix URL and contact information of an existing user with sufficient privileges.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-27927
reference_id
reference_type
scores
0
value 0.00075
scoring_system epss
scoring_elements 0.22533
published_at 2026-04-21T12:55:00Z
1
value 0.00075
scoring_system epss
scoring_elements 0.22587
published_at 2026-04-16T12:55:00Z
2
value 0.00075
scoring_system epss
scoring_elements 0.22583
published_at 2026-04-18T12:55:00Z
3
value 0.00125
scoring_system epss
scoring_elements 0.31691
published_at 2026-04-13T12:55:00Z
4
value 0.00145
scoring_system epss
scoring_elements 0.34931
published_at 2026-04-08T12:55:00Z
5
value 0.00145
scoring_system epss
scoring_elements 0.34781
published_at 2026-04-01T12:55:00Z
6
value 0.00145
scoring_system epss
scoring_elements 0.34964
published_at 2026-04-11T12:55:00Z
7
value 0.00145
scoring_system epss
scoring_elements 0.34928
published_at 2026-04-12T12:55:00Z
8
value 0.00145
scoring_system epss
scoring_elements 0.3496
published_at 2026-04-09T12:55:00Z
9
value 0.00145
scoring_system epss
scoring_elements 0.3498
published_at 2026-04-02T12:55:00Z
10
value 0.00145
scoring_system epss
scoring_elements 0.35006
published_at 2026-04-04T12:55:00Z
11
value 0.00145
scoring_system epss
scoring_elements 0.34886
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-27927
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27927
2
reference_url https://security.archlinux.org/AVG-1771
reference_id AVG-1771
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1771
fixed_packages
0
url pkg:alpm/archlinux/zabbix-frontend-php@5.2.6-1
purl pkg:alpm/archlinux/zabbix-frontend-php@5.2.6-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/zabbix-frontend-php@5.2.6-1
aliases CVE-2021-27927
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-upzh-6yjy-tff3
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/zabbix-frontend-php@5.2.5-1