Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.0

Type nuget

Namespace

Name Microsoft.NETCore.App.Runtime.linux-musl-arm64

Version 7.0.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 7.0.7

Latest_non_vulnerable_version 10.0.4

Affected_by_vulnerabilities

url VCID-3ptm-b3fw-8ycf

vulnerability_id VCID-3ptm-b3fw-8ycf

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET Core and Visual Studio Denial of Service Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36799.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36799.json

reference_url

https://github.com/dotnet/runtime

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2237317
reference_id	2237317
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2237317

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799

reference_id

CVE-2023-36799

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-36799

reference_id

CVE-2023-36799

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-36799

reference_url	https://github.com/advisories/GHSA-h3hv-63q5-jgpr
reference_id	GHSA-h3hv-63q5-jgpr
reference_type
scores
url	https://github.com/advisories/GHSA-h3hv-63q5-jgpr

reference_url

https://github.com/dotnet/runtime/security/advisories/GHSA-h3hv-63q5-jgpr

reference_id

GHSA-h3hv-63q5-jgpr

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime/security/advisories/GHSA-h3hv-63q5-jgpr

reference_url	https://access.redhat.com/errata/RHSA-2023:5142
reference_id	RHSA-2023:5142
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5142

reference_url	https://access.redhat.com/errata/RHSA-2023:5143
reference_id	RHSA-2023:5143
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5143

reference_url	https://access.redhat.com/errata/RHSA-2023:5144
reference_id	RHSA-2023:5144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5144

reference_url	https://access.redhat.com/errata/RHSA-2023:5145
reference_id	RHSA-2023:5145
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5145

reference_url	https://access.redhat.com/errata/RHSA-2023:5146
reference_id	RHSA-2023:5146
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5146

reference_url	https://access.redhat.com/errata/RHSA-2023:6242
reference_id	RHSA-2023:6242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6242

reference_url	https://access.redhat.com/errata/RHSA-2023:6245
reference_id	RHSA-2023:6245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6245

reference_url	https://access.redhat.com/errata/RHSA-2023:6246
reference_id	RHSA-2023:6246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6246

reference_url	https://access.redhat.com/errata/RHSA-2023:6247
reference_id	RHSA-2023:6247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6247

reference_url	https://access.redhat.com/errata/RHSA-2023:6249
reference_id	RHSA-2023:6249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6249

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.11
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.11

aliases CVE-2023-36799, GHSA-h3hv-63q5-jgpr

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ptm-b3fw-8ycf

url VCID-7pxy-azw1-3uef

vulnerability_id VCID-7pxy-azw1-3uef

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29331.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29331.json

reference_url

https://github.com/dotnet/announcements/issues/257

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/257

reference_url

https://github.com/dotnet/runtime

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime

reference_url

https://support.microsoft.com/kb/5025823

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.microsoft.com/kb/5025823

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2212617
reference_id	2212617
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2212617

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331

reference_id

CVE-2023-29331

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-29331

reference_id

CVE-2023-29331

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-29331

reference_url	https://github.com/advisories/GHSA-555c-2p6r-68mm
reference_id	GHSA-555c-2p6r-68mm
reference_type
scores
url	https://github.com/advisories/GHSA-555c-2p6r-68mm

reference_url

https://github.com/dotnet/runtime/security/advisories/GHSA-555c-2p6r-68mm

reference_id

GHSA-555c-2p6r-68mm

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime/security/advisories/GHSA-555c-2p6r-68mm

reference_url	https://access.redhat.com/errata/RHSA-2023:3580
reference_id	RHSA-2023:3580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3580

reference_url	https://access.redhat.com/errata/RHSA-2023:3581
reference_id	RHSA-2023:3581
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3581

reference_url	https://access.redhat.com/errata/RHSA-2023:3582
reference_id	RHSA-2023:3582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3582

reference_url	https://access.redhat.com/errata/RHSA-2023:3592
reference_id	RHSA-2023:3592
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3592

reference_url	https://access.redhat.com/errata/RHSA-2023:3593
reference_id	RHSA-2023:3593
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3593

reference_url	https://access.redhat.com/errata/RHSA-2023:4448
reference_id	RHSA-2023:4448
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4448

reference_url	https://access.redhat.com/errata/RHSA-2023:4449
reference_id	RHSA-2023:4449
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4449

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7

aliases CVE-2023-29331, GHSA-555c-2p6r-68mm

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7pxy-azw1-3uef

url VCID-qkfu-3ybz-qucf

vulnerability_id VCID-qkfu-3ybz-qucf

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24936.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24936.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-24936

reference_id

reference_type

scores

value	0.01159
scoring_system	epss
scoring_elements	0.78922
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-24936

reference_url

https://github.com/dotnet/announcements/issues/259

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/259

reference_url

https://github.com/dotnet/runtime

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2192438
reference_id	2192438
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2192438

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936

reference_id

CVE-2023-24936

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-24936

reference_id

CVE-2023-24936

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-24936

reference_url	https://github.com/advisories/GHSA-jx7q-xxmw-44vf
reference_id	GHSA-jx7q-xxmw-44vf
reference_type
scores
url	https://github.com/advisories/GHSA-jx7q-xxmw-44vf

reference_url

https://github.com/dotnet/runtime/security/advisories/GHSA-jx7q-xxmw-44vf

reference_id

GHSA-jx7q-xxmw-44vf

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime/security/advisories/GHSA-jx7q-xxmw-44vf

reference_url	https://access.redhat.com/errata/RHSA-2023:3580
reference_id	RHSA-2023:3580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3580

reference_url	https://access.redhat.com/errata/RHSA-2023:3581
reference_id	RHSA-2023:3581
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3581

reference_url	https://access.redhat.com/errata/RHSA-2023:3582
reference_id	RHSA-2023:3582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3582

reference_url	https://access.redhat.com/errata/RHSA-2023:3592
reference_id	RHSA-2023:3592
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3592

reference_url	https://access.redhat.com/errata/RHSA-2023:3593
reference_id	RHSA-2023:3593
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3593

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7

aliases CVE-2023-24936, GHSA-jx7q-xxmw-44vf

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkfu-3ybz-qucf

url VCID-rj2a-dp32-uue2

vulnerability_id VCID-rj2a-dp32-uue2

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
.NET and Visual Studio Remote Code Execution Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33128.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33128.json

reference_url

https://github.com/dotnet/announcements/issues/253

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/253

reference_url

https://github.com/dotnet/sdk

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/sdk

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2212618
reference_id	2212618
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2212618

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128

reference_id

CVE-2023-33128

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-33128

reference_id

CVE-2023-33128

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-33128

reference_url	https://github.com/advisories/GHSA-x469-cv7m-77r9
reference_id	GHSA-x469-cv7m-77r9
reference_type
scores
url	https://github.com/advisories/GHSA-x469-cv7m-77r9

reference_url

https://github.com/dotnet/sdk/security/advisories/GHSA-x469-cv7m-77r9

reference_id

GHSA-x469-cv7m-77r9

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/sdk/security/advisories/GHSA-x469-cv7m-77r9

reference_url	https://access.redhat.com/errata/RHSA-2023:3580
reference_id	RHSA-2023:3580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3580

reference_url	https://access.redhat.com/errata/RHSA-2023:3581
reference_id	RHSA-2023:3581
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3581

reference_url	https://access.redhat.com/errata/RHSA-2023:3582
reference_id	RHSA-2023:3582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3582

reference_url	https://access.redhat.com/errata/RHSA-2023:3592
reference_id	RHSA-2023:3592
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3592

reference_url	https://access.redhat.com/errata/RHSA-2023:3593
reference_id	RHSA-2023:3593
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3593

reference_url	https://access.redhat.com/errata/RHSA-2023:4448
reference_id	RHSA-2023:4448
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4448

reference_url	https://access.redhat.com/errata/RHSA-2023:4449
reference_id	RHSA-2023:4449
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4449

fixed_packages

url	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7
purl	pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7

aliases CVE-2023-33128, GHSA-x469-cv7m-77r9

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rj2a-dp32-uue2

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.0

Package Instance