Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.0

Type nuget

Namespace

Name Microsoft.NETCore.App.Runtime.linux-musl-arm64

Version 6.0.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 6.0.18

Latest_non_vulnerable_version 10.0.4

Affected_by_vulnerabilities

url VCID-3ptm-b3fw-8ycf

vulnerability_id VCID-3ptm-b3fw-8ycf

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET Core and Visual Studio Denial of Service Vulnerability

references

reference_url	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799
reference_id	CVE-2023-36799
reference_type
scores
url	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-36799
reference_id	CVE-2023-36799
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-36799

reference_url	https://github.com/advisories/GHSA-h3hv-63q5-jgpr
reference_id	GHSA-h3hv-63q5-jgpr
reference_type
scores
url	https://github.com/advisories/GHSA-h3hv-63q5-jgpr

reference_url	https://github.com/dotnet/runtime/security/advisories/GHSA-h3hv-63q5-jgpr
reference_id	GHSA-h3hv-63q5-jgpr
reference_type
scores
url	https://github.com/dotnet/runtime/security/advisories/GHSA-h3hv-63q5-jgpr

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.22
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.22
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.22

url	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.11
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.11

aliases CVE-2023-36799, GHSA-h3hv-63q5-jgpr

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ptm-b3fw-8ycf

url VCID-7pxy-azw1-3uef

vulnerability_id VCID-7pxy-azw1-3uef

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

references

reference_url	https://github.com/dotnet/announcements/issues/257
reference_id
reference_type
scores
url	https://github.com/dotnet/announcements/issues/257

reference_url	https://support.microsoft.com/kb/5025823
reference_id
reference_type
scores
url	https://support.microsoft.com/kb/5025823

reference_url	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331
reference_id	CVE-2023-29331
reference_type
scores
url	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-29331
reference_id	CVE-2023-29331
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-29331

reference_url	https://github.com/advisories/GHSA-555c-2p6r-68mm
reference_id	GHSA-555c-2p6r-68mm
reference_type
scores
url	https://github.com/advisories/GHSA-555c-2p6r-68mm

reference_url	https://github.com/dotnet/runtime/security/advisories/GHSA-555c-2p6r-68mm
reference_id	GHSA-555c-2p6r-68mm
reference_type
scores
url	https://github.com/dotnet/runtime/security/advisories/GHSA-555c-2p6r-68mm

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.18
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.18

url	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7

aliases CVE-2023-29331, GHSA-555c-2p6r-68mm

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7pxy-azw1-3uef

url VCID-qkfu-3ybz-qucf

vulnerability_id VCID-qkfu-3ybz-qucf

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

references

reference_url	https://github.com/dotnet/announcements/issues/259
reference_id
reference_type
scores
url	https://github.com/dotnet/announcements/issues/259

reference_url	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936
reference_id	CVE-2023-24936
reference_type
scores
url	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-24936
reference_id	CVE-2023-24936
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-24936

reference_url	https://github.com/advisories/GHSA-jx7q-xxmw-44vf
reference_id	GHSA-jx7q-xxmw-44vf
reference_type
scores
url	https://github.com/advisories/GHSA-jx7q-xxmw-44vf

reference_url	https://github.com/dotnet/runtime/security/advisories/GHSA-jx7q-xxmw-44vf
reference_id	GHSA-jx7q-xxmw-44vf
reference_type
scores
url	https://github.com/dotnet/runtime/security/advisories/GHSA-jx7q-xxmw-44vf

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.18
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.18

url	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7

aliases CVE-2023-24936, GHSA-jx7q-xxmw-44vf

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkfu-3ybz-qucf

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.0

Package Instance