Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.0

Type nuget

Namespace

Name Microsoft.AspNetCore.App.Runtime.linux-arm

Version 9.0.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 9.0.10

Latest_non_vulnerable_version 10.0.8

Affected_by_vulnerabilities

url VCID-4kaj-5qut-rffn

vulnerability_id VCID-4kaj-5qut-rffn

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42899.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42899.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-42899

reference_id

reference_type

scores

value	0.00036
scoring_system	epss
scoring_elements	0.11068
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-42899

reference_url

https://github.com/dotnet/announcements/issues/397

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/397

reference_url

https://github.com/dotnet/aspnetcore

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2476605
reference_id	2476605
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2476605

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42899

reference_id

CVE-2026-42899

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T20:10:06Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42899

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-42899

reference_id

CVE-2026-42899

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-42899

reference_url

https://github.com/advisories/GHSA-9v76-4qcc-frgh

reference_id

GHSA-9v76-4qcc-frgh

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9v76-4qcc-frgh

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-9v76-4qcc-frgh

reference_id

GHSA-9v76-4qcc-frgh

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-9v76-4qcc-frgh

reference_url	https://access.redhat.com/errata/RHSA-2026:17464
reference_id	RHSA-2026:17464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17464

reference_url	https://access.redhat.com/errata/RHSA-2026:17527
reference_id	RHSA-2026:17527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17527

reference_url	https://access.redhat.com/errata/RHSA-2026:17682
reference_id	RHSA-2026:17682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17682

reference_url	https://access.redhat.com/errata/RHSA-2026:21286
reference_id	RHSA-2026:21286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:21286

reference_url	https://access.redhat.com/errata/RHSA-2026:21291
reference_id	RHSA-2026:21291
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:21291

reference_url	https://access.redhat.com/errata/RHSA-2026:21293
reference_id	RHSA-2026:21293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:21293

reference_url	https://access.redhat.com/errata/RHSA-2026:21294
reference_id	RHSA-2026:21294
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:21294

reference_url	https://access.redhat.com/errata/RHSA-2026:21295
reference_id	RHSA-2026:21295
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:21295

reference_url	https://access.redhat.com/errata/RHSA-2026:21296
reference_id	RHSA-2026:21296
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:21296

reference_url	https://access.redhat.com/errata/RHSA-2026:21297
reference_id	RHSA-2026:21297
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:21297

reference_url	https://access.redhat.com/errata/RHSA-2026:21754
reference_id	RHSA-2026:21754
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:21754

reference_url	https://usn.ubuntu.com/8298-1/
reference_id	USN-8298-1
reference_type
scores
url	https://usn.ubuntu.com/8298-1/

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.16
purl	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.16

url	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@10.0.8
purl	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@10.0.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@10.0.8

aliases CVE-2026-42899, GHSA-9v76-4qcc-frgh

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4kaj-5qut-rffn

url VCID-ggxt-5r42-gydv

vulnerability_id VCID-ggxt-5r42-gydv

summary

Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 10.0 , ASP.NET Core 9.0 , ASP.NET Core 8.0, and ASP.NET Core 2.3. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.

Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55315.json

reference_id

reference_type

scores

value	8.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55315.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-55315

reference_id

reference_type

scores

value	0.01681
scoring_system	epss
scoring_elements	0.82497
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-55315

reference_url

https://github.com/dotnet/announcements/issues/371

reference_id

reference_type

scores

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/371

reference_url

https://github.com/dotnet/aspnetcore

reference_id

reference_type

scores

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2403085
reference_id	2403085
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2403085

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52492.py
reference_id	CVE-2025-55315
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52492.py

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55315

reference_id

CVE-2025-55315

reference_type

scores

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L/E:U/RL:O/RC:C

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-28T12:57:54Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55315

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-55315

reference_id

CVE-2025-55315

reference_type

scores

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-55315

reference_url

https://github.com/advisories/GHSA-5rrx-jjjq-q2r5

reference_id

GHSA-5rrx-jjjq-q2r5

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5rrx-jjjq-q2r5

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-5rrx-jjjq-q2r5

reference_id

GHSA-5rrx-jjjq-q2r5

reference_type

scores

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-5rrx-jjjq-q2r5

reference_url	https://access.redhat.com/errata/RHSA-2025:18148
reference_id	RHSA-2025:18148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18148

reference_url	https://access.redhat.com/errata/RHSA-2025:18149
reference_id	RHSA-2025:18149
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18149

reference_url	https://access.redhat.com/errata/RHSA-2025:18150
reference_id	RHSA-2025:18150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18150

reference_url	https://access.redhat.com/errata/RHSA-2025:18151
reference_id	RHSA-2025:18151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18151

reference_url	https://access.redhat.com/errata/RHSA-2025:18152
reference_id	RHSA-2025:18152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18152

reference_url	https://access.redhat.com/errata/RHSA-2025:18153
reference_id	RHSA-2025:18153
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18153

reference_url	https://access.redhat.com/errata/RHSA-2025:18256
reference_id	RHSA-2025:18256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18256

reference_url	https://access.redhat.com/errata/RHSA-2025:23225
reference_id	RHSA-2025:23225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23225

reference_url	https://access.redhat.com/errata/RHSA-2026:9080
reference_id	RHSA-2026:9080
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9080

reference_url	https://access.redhat.com/errata/RHSA-2026:9205
reference_id	RHSA-2026:9205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9205

reference_url	https://usn.ubuntu.com/7822-1/
reference_id	USN-7822-1
reference_type
scores
url	https://usn.ubuntu.com/7822-1/

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.10
purl	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.10
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.10

url	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@10.0.0-rc.2.25502.107
purl	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@10.0.0-rc.2.25502.107
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@10.0.0-rc.2.25502.107

aliases CVE-2025-55315, GHSA-5rrx-jjjq-q2r5

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ggxt-5r42-gydv

url VCID-gnn3-qx8c-3qfn

vulnerability_id VCID-gnn3-qx8c-3qfn

summary

.NET Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A denial of service vulnerability exists in ASP.NET Core due to uncontrolled resource consumption. A specially crafted message to a SignalR server can exhaust an internal buffer and cause a Denial of Service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26130.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26130.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-26130

reference_id

reference_type

scores

value	0.03634
scoring_system	epss
scoring_elements	0.88031
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-26130

reference_url

https://github.com/dotnet/aspnetcore

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore

reference_url

https://www.cve.org/CVERecord?id=CVE-2026-26130

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.cve.org/CVERecord?id=CVE-2026-26130

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2446134
reference_id	2446134
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2446134

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26130

reference_id

CVE-2026-26130

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T19:49:23Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26130

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-26130

reference_id

CVE-2026-26130

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-26130

reference_url

https://github.com/advisories/GHSA-4vgm-c2wm-63mw

reference_id

GHSA-4vgm-c2wm-63mw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4vgm-c2wm-63mw

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-4vgm-c2wm-63mw

reference_id

GHSA-4vgm-c2wm-63mw

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-4vgm-c2wm-63mw

reference_url	https://access.redhat.com/errata/RHSA-2026:10082
reference_id	RHSA-2026:10082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10082

reference_url	https://access.redhat.com/errata/RHSA-2026:10083
reference_id	RHSA-2026:10083
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10083

reference_url	https://access.redhat.com/errata/RHSA-2026:10084
reference_id	RHSA-2026:10084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10084

reference_url	https://access.redhat.com/errata/RHSA-2026:10085
reference_id	RHSA-2026:10085
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10085

reference_url	https://access.redhat.com/errata/RHSA-2026:10091
reference_id	RHSA-2026:10091
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10091

reference_url	https://access.redhat.com/errata/RHSA-2026:4443
reference_id	RHSA-2026:4443
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4443

reference_url	https://access.redhat.com/errata/RHSA-2026:4445
reference_id	RHSA-2026:4445
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4445

reference_url	https://access.redhat.com/errata/RHSA-2026:4450
reference_id	RHSA-2026:4450
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4450

reference_url	https://access.redhat.com/errata/RHSA-2026:4451
reference_id	RHSA-2026:4451
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4451

reference_url	https://access.redhat.com/errata/RHSA-2026:4453
reference_id	RHSA-2026:4453
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4453

reference_url	https://access.redhat.com/errata/RHSA-2026:4454
reference_id	RHSA-2026:4454
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4454

reference_url	https://access.redhat.com/errata/RHSA-2026:4455
reference_id	RHSA-2026:4455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4455

reference_url	https://access.redhat.com/errata/RHSA-2026:4456
reference_id	RHSA-2026:4456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4456

reference_url	https://access.redhat.com/errata/RHSA-2026:4458
reference_id	RHSA-2026:4458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4458

reference_url	https://usn.ubuntu.com/8085-1/
reference_id	USN-8085-1
reference_type
scores
url	https://usn.ubuntu.com/8085-1/

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.14
purl	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.14

url	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@10.0.4
purl	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@10.0.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@10.0.4

aliases CVE-2026-26130, GHSA-4vgm-c2wm-63mw

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gnn3-qx8c-3qfn

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm@9.0.0

Package Instance