Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18

Type nuget

Namespace

Name Microsoft.NETCore.App.Runtime.win-arm64

Version 6.0.18

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 6.0.22

Latest_non_vulnerable_version 10.0.4

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-19ue-6u5k-53gc

vulnerability_id VCID-19ue-6u5k-53gc

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24897.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24897.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-24897

reference_id

reference_type

scores

value	0.01788
scoring_system	epss
scoring_elements	0.83056
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-24897

reference_url

https://github.com/dotnet/announcements/issues/260

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/260

reference_url

https://github.com/dotnet/runtime

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2192437
reference_id	2192437
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2192437

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897

reference_id

CVE-2023-24897

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T19:43:18Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-24897

reference_id

CVE-2023-24897

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-24897

reference_url	https://github.com/advisories/GHSA-88q2-h5g3-p4pg
reference_id	GHSA-88q2-h5g3-p4pg
reference_type
scores
url	https://github.com/advisories/GHSA-88q2-h5g3-p4pg

reference_url

https://github.com/dotnet/runtime/security/advisories/GHSA-88q2-h5g3-p4pg

reference_id

GHSA-88q2-h5g3-p4pg

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime/security/advisories/GHSA-88q2-h5g3-p4pg

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18

url	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7

aliases CVE-2023-24897, GHSA-88q2-h5g3-p4pg

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-19ue-6u5k-53gc

url VCID-6jg2-cqdk-4qej

vulnerability_id VCID-6jg2-cqdk-4qej

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24936.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24936.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-24936

reference_id

reference_type

scores

value	0.01159
scoring_system	epss
scoring_elements	0.78894
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-24936

reference_url

https://github.com/dotnet/announcements/issues/259

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/259

reference_url

https://github.com/dotnet/runtime

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2192438
reference_id	2192438
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2192438

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936

reference_id

CVE-2023-24936

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T14:48:19Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-24936

reference_id

CVE-2023-24936

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-24936

reference_url	https://github.com/advisories/GHSA-jx7q-xxmw-44vf
reference_id	GHSA-jx7q-xxmw-44vf
reference_type
scores
url	https://github.com/advisories/GHSA-jx7q-xxmw-44vf

reference_url

https://github.com/dotnet/runtime/security/advisories/GHSA-jx7q-xxmw-44vf

reference_id

GHSA-jx7q-xxmw-44vf

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime/security/advisories/GHSA-jx7q-xxmw-44vf

reference_url	https://access.redhat.com/errata/RHSA-2023:3580
reference_id	RHSA-2023:3580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3580

reference_url	https://access.redhat.com/errata/RHSA-2023:3581
reference_id	RHSA-2023:3581
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3581

reference_url	https://access.redhat.com/errata/RHSA-2023:3582
reference_id	RHSA-2023:3582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3582

reference_url	https://access.redhat.com/errata/RHSA-2023:3592
reference_id	RHSA-2023:3592
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3592

reference_url	https://access.redhat.com/errata/RHSA-2023:3593
reference_id	RHSA-2023:3593
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3593

reference_url	https://usn.ubuntu.com/6161-1/
reference_id	USN-6161-1
reference_type
scores
url	https://usn.ubuntu.com/6161-1/

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18

url	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7

aliases CVE-2023-24936, GHSA-jx7q-xxmw-44vf

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6jg2-cqdk-4qej

url VCID-fjvh-u5ag-wqdb

vulnerability_id VCID-fjvh-u5ag-wqdb

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29331.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29331.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-29331

reference_id

reference_type

scores

value	0.01128
scoring_system	epss
scoring_elements	0.78611
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-29331

reference_url

https://github.com/dotnet/announcements/issues/257

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/257

reference_url

https://github.com/dotnet/runtime

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime

reference_url

https://support.microsoft.com/kb/5025823

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.microsoft.com/kb/5025823

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2212617
reference_id	2212617
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2212617

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331

reference_id

CVE-2023-29331

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-28T20:20:14Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-29331

reference_id

CVE-2023-29331

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-29331

reference_url	https://github.com/advisories/GHSA-555c-2p6r-68mm
reference_id	GHSA-555c-2p6r-68mm
reference_type
scores
url	https://github.com/advisories/GHSA-555c-2p6r-68mm

reference_url

https://github.com/dotnet/runtime/security/advisories/GHSA-555c-2p6r-68mm

reference_id

GHSA-555c-2p6r-68mm

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime/security/advisories/GHSA-555c-2p6r-68mm

reference_url	https://access.redhat.com/errata/RHSA-2023:3580
reference_id	RHSA-2023:3580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3580

reference_url	https://access.redhat.com/errata/RHSA-2023:3581
reference_id	RHSA-2023:3581
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3581

reference_url	https://access.redhat.com/errata/RHSA-2023:3582
reference_id	RHSA-2023:3582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3582

reference_url	https://access.redhat.com/errata/RHSA-2023:3592
reference_id	RHSA-2023:3592
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3592

reference_url	https://access.redhat.com/errata/RHSA-2023:3593
reference_id	RHSA-2023:3593
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3593

reference_url	https://access.redhat.com/errata/RHSA-2023:4448
reference_id	RHSA-2023:4448
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4448

reference_url	https://access.redhat.com/errata/RHSA-2023:4449
reference_id	RHSA-2023:4449
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4449

reference_url	https://usn.ubuntu.com/6161-1/
reference_id	USN-6161-1
reference_type
scores
url	https://usn.ubuntu.com/6161-1/

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18

url	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7

aliases CVE-2023-29331, GHSA-555c-2p6r-68mm

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fjvh-u5ag-wqdb

url VCID-jxkp-swjn-j3fw

vulnerability_id VCID-jxkp-swjn-j3fw

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET and Visual Studio Remote Code Execution Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33126.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33126.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-33126

reference_id

reference_type

scores

value	0.00873
scoring_system	epss
scoring_elements	0.75564
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-33126

reference_url

https://github.com/dotnet/announcements/issues/254

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/254

reference_url

https://github.com/dotnet/sdk

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/sdk

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2212620
reference_id	2212620
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2212620

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126

reference_id

CVE-2023-33126

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-08T14:17:17Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-33126

reference_id

CVE-2023-33126

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-33126

reference_url	https://github.com/advisories/GHSA-gh24-9qjj-mr67
reference_id	GHSA-gh24-9qjj-mr67
reference_type
scores
url	https://github.com/advisories/GHSA-gh24-9qjj-mr67

reference_url

https://github.com/dotnet/sdk/security/advisories/GHSA-gh24-9qjj-mr67

reference_id

GHSA-gh24-9qjj-mr67

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/sdk/security/advisories/GHSA-gh24-9qjj-mr67

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18

url	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@7.0.7

aliases CVE-2023-33126, GHSA-gh24-9qjj-mr67

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxkp-swjn-j3fw

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.win-arm64@6.0.18

Package Instance