Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64@7.0.4

Type nuget

Namespace

Name Microsoft.WindowsDesktop.App.Runtime.win-arm64

Version 7.0.4

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 7.0.9

Latest_non_vulnerable_version 8.0.4

Affected_by_vulnerabilities

url VCID-s2b7-3ffu-zyfp

vulnerability_id VCID-s2b7-3ffu-zyfp

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET and Visual Studio Elevation of Privilege Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33127.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33127.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-33127

reference_id

reference_type

scores

value	0.01542
scoring_system	epss
scoring_elements	0.81417
published_at	2026-04-18T12:55:00Z

value	0.01542
scoring_system	epss
scoring_elements	0.81416
published_at	2026-04-16T12:55:00Z

value	0.01542
scoring_system	epss
scoring_elements	0.81387
published_at	2026-04-12T12:55:00Z

value	0.01542
scoring_system	epss
scoring_elements	0.814
published_at	2026-04-11T12:55:00Z

value	0.01542
scoring_system	epss
scoring_elements	0.81347
published_at	2026-04-04T12:55:00Z

value	0.01542
scoring_system	epss
scoring_elements	0.81379
published_at	2026-04-13T12:55:00Z

value	0.01542
scoring_system	epss
scoring_elements	0.81374
published_at	2026-04-08T12:55:00Z

value	0.01542
scoring_system	epss
scoring_elements	0.81345
published_at	2026-04-07T12:55:00Z

value	0.01542
scoring_system	epss
scoring_elements	0.81324
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-33127

reference_url

https://github.com/dotnet/announcements/issues/263

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/263

reference_url

https://github.com/dotnet/runtime

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2221853
reference_id	2221853
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2221853

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127

reference_id

CVE-2023-33127

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-33127

reference_id

CVE-2023-33127

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-33127

reference_url

https://github.com/advisories/GHSA-485r-rp8v-998v

reference_id

GHSA-485r-rp8v-998v

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-485r-rp8v-998v

reference_url

https://github.com/dotnet/runtime/security/advisories/GHSA-485r-rp8v-998v

reference_id

GHSA-485r-rp8v-998v

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime/security/advisories/GHSA-485r-rp8v-998v

fixed_packages

url	pkg:nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64@7.0.9
purl	pkg:nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64@7.0.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64@7.0.9

aliases CVE-2023-33127, GHSA-485r-rp8v-998v

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s2b7-3ffu-zyfp

url VCID-uwah-y7w1-tfap

vulnerability_id VCID-uwah-y7w1-tfap

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24895.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24895.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-24895

reference_id

reference_type

scores

value	0.01046
scoring_system	epss
scoring_elements	0.77445
published_at	2026-04-02T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.7749
published_at	2026-04-09T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.7748
published_at	2026-04-08T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77451
published_at	2026-04-07T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77471
published_at	2026-04-04T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78222
published_at	2026-04-18T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78224
published_at	2026-04-16T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78193
published_at	2026-04-13T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78196
published_at	2026-04-12T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78213
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-24895

reference_url

https://github.com/dotnet/announcements/issues/261

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/261

reference_url

https://github.com/dotnet/wpf

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/wpf

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2192439
reference_id	2192439
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2192439

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895

reference_id

CVE-2023-24895

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-12T14:58:02Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-24895

reference_id

CVE-2023-24895

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-24895

reference_url

https://github.com/advisories/GHSA-jh2h-qcrw-ghg7

reference_id

GHSA-jh2h-qcrw-ghg7

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jh2h-qcrw-ghg7

reference_url

https://github.com/dotnet/wpf/security/advisories/GHSA-jh2h-qcrw-ghg7

reference_id

GHSA-jh2h-qcrw-ghg7

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/wpf/security/advisories/GHSA-jh2h-qcrw-ghg7

fixed_packages

url pkg:nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64@7.0.7

purl pkg:nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64@7.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-s2b7-3ffu-zyfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64@7.0.7

aliases CVE-2023-24895, GHSA-jh2h-qcrw-ghg7

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwah-y7w1-tfap

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64@7.0.4

Package Instance