Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/ansible-core@2.18.0-1?distro=trixie
Typedeb
Namespacedebian
Nameansible-core
Version2.18.0-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.18.0-2
Latest_non_vulnerable_version2.20.3-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1wv8-rvwu-nye3
vulnerability_id VCID-1wv8-rvwu-nye3
summary 
ansible-core Incorrect Authorization vulnerability
A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:10762
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://access.redhat.com/errata/RHSA-2024:10762
1
reference_url https://access.redhat.com/errata/RHSA-2024:8969
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://access.redhat.com/errata/RHSA-2024:8969
2
reference_url https://access.redhat.com/errata/RHSA-2024:9894
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://access.redhat.com/errata/RHSA-2024:9894
3
reference_url https://access.redhat.com/errata/RHSA-2025:1861
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://access.redhat.com/errata/RHSA-2025:1861
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9902.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9902.json
5
reference_url https://access.redhat.com/security/cve/CVE-2024-9902
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://access.redhat.com/security/cve/CVE-2024-9902
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9902
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08169
published_at 2026-04-21T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.08909
published_at 2026-04-08T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.08752
published_at 2026-04-18T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.08777
published_at 2026-04-16T12:55:00Z
4
value 0.00031
scoring_system epss
scoring_elements 0.08887
published_at 2026-04-13T12:55:00Z
5
value 0.00031
scoring_system epss
scoring_elements 0.08935
published_at 2026-04-11T12:55:00Z
6
value 0.00031
scoring_system epss
scoring_elements 0.08936
published_at 2026-04-09T12:55:00Z
7
value 0.00031
scoring_system epss
scoring_elements 0.08851
published_at 2026-04-02T12:55:00Z
8
value 0.00031
scoring_system epss
scoring_elements 0.089
published_at 2026-04-12T12:55:00Z
9
value 0.00031
scoring_system epss
scoring_elements 0.08831
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9902
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2318271
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2318271
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9902
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
11
reference_url https://github.com/ansible/ansible/commit/03794735d370db98a5ec2ad514fab2b0dd22d6be
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/03794735d370db98a5ec2ad514fab2b0dd22d6be
12
reference_url https://github.com/ansible/ansible/commit/03daf774d0d80fb7235910ed1c2b4fbcaebdfe65
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/03daf774d0d80fb7235910ed1c2b4fbcaebdfe65
13
reference_url https://github.com/ansible/ansible/commit/3b6de811abea0a811e03e3029222a7e459922892
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/3b6de811abea0a811e03e3029222a7e459922892
14
reference_url https://github.com/ansible/ansible/commit/9d7312f695639e804d2caeb1d0f51c716a9ac7dd
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/9d7312f695639e804d2caeb1d0f51c716a9ac7dd
15
reference_url https://github.com/ansible/ansible/commit/f7be90626da3035c697623dcf9c90b7a0bc91c92
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/f7be90626da3035c697623dcf9c90b7a0bc91c92
16
reference_url https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-9902
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-9902
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086883
reference_id 1086883
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086883
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el8
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el9
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el8
reference_id cpe:/a:redhat:ansible_core:2::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el8
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el9
reference_id cpe:/a:redhat:ansible_core:2::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el9
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1::el9
reference_id cpe:/a:redhat:openstack:17.1::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1::el9
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
35
reference_url https://github.com/advisories/GHSA-32p4-gm2c-wmch
reference_id GHSA-32p4-gm2c-wmch
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-32p4-gm2c-wmch
fixed_packages
0
url pkg:deb/debian/ansible-core@2.14.18-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible-core@2.14.18-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.18-0%252Bdeb12u1%3Fdistro=trixie
1
url pkg:deb/debian/ansible-core@2.14.18-0%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/ansible-core@2.14.18-0%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.18-0%252Bdeb12u2%3Fdistro=trixie
2
url pkg:deb/debian/ansible-core@2.18.0-1?distro=trixie
purl pkg:deb/debian/ansible-core@2.18.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.18.0-1%3Fdistro=trixie
3
url pkg:deb/debian/ansible-core@2.19.4-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible-core@2.19.4-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.19.4-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible-core@2.20.3-1?distro=trixie
purl pkg:deb/debian/ansible-core@2.20.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.20.3-1%3Fdistro=trixie
aliases CVE-2024-9902, GHSA-32p4-gm2c-wmch
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1wv8-rvwu-nye3
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.18.0-1%3Fdistro=trixie