Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4
Typenuget
Namespace
NameMicrosoft.NETCore.App.Runtime.linux-musl-arm
Version10.0.4
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6var-2f21-13cd
vulnerability_id VCID-6var-2f21-13cd
summary 
.NET Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0 and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A denial of service vulnerability exists in .NET and Microsoft.Bcl.Memory due to an out-of-bounds read when decoding malformed Base64Url input.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26127.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26127.json
1
reference_url https://github.com/dotnet/runtime
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2446098
reference_id 2446098
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2446098
3
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127
reference_id CVE-2026-26127
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26127
reference_id CVE-2026-26127
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26127
5
reference_url https://github.com/advisories/GHSA-73j8-2gch-69rq
reference_id GHSA-73j8-2gch-69rq
reference_type
scores
url https://github.com/advisories/GHSA-73j8-2gch-69rq
6
reference_url https://github.com/dotnet/runtime/security/advisories/GHSA-73j8-2gch-69rq
reference_id GHSA-73j8-2gch-69rq
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime/security/advisories/GHSA-73j8-2gch-69rq
7
reference_url https://access.redhat.com/errata/RHSA-2026:10083
reference_id RHSA-2026:10083
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10083
8
reference_url https://access.redhat.com/errata/RHSA-2026:10085
reference_id RHSA-2026:10085
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10085
9
reference_url https://access.redhat.com/errata/RHSA-2026:4443
reference_id RHSA-2026:4443
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4443
10
reference_url https://access.redhat.com/errata/RHSA-2026:4445
reference_id RHSA-2026:4445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4445
11
reference_url https://access.redhat.com/errata/RHSA-2026:4450
reference_id RHSA-2026:4450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4450
12
reference_url https://access.redhat.com/errata/RHSA-2026:4453
reference_id RHSA-2026:4453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4453
13
reference_url https://access.redhat.com/errata/RHSA-2026:4456
reference_id RHSA-2026:4456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4456
14
reference_url https://access.redhat.com/errata/RHSA-2026:4458
reference_id RHSA-2026:4458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4458
fixed_packages
0
url pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@9.0.14
purl pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@9.0.14
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@9.0.14
1
url pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4
purl pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4
aliases CVE-2026-26127, GHSA-73j8-2gch-69rq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6var-2f21-13cd
1
url VCID-9uun-xxhj-fuee
vulnerability_id VCID-9uun-xxhj-fuee
summary 
.NET Elevation of Privilege Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

An elevation of privilege vulnerability exists in .NET due to improper authorization. Incorrect packaging permissions could allow an attacker to gain elevated privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26131.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26131.json
1
reference_url https://github.com/dotnet/runtime
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2446069
reference_id 2446069
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2446069
3
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
5
reference_url https://github.com/advisories/GHSA-crjq-wm6x-6qx7
reference_id GHSA-crjq-wm6x-6qx7
reference_type
scores
url https://github.com/advisories/GHSA-crjq-wm6x-6qx7
6
reference_url https://github.com/dotnet/runtime/security/advisories/GHSA-crjq-wm6x-6qx7
reference_id GHSA-crjq-wm6x-6qx7
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime/security/advisories/GHSA-crjq-wm6x-6qx7
7
reference_url https://access.redhat.com/errata/RHSA-2026:9077
reference_id RHSA-2026:9077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9077
fixed_packages
0
url pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4
purl pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4
aliases CVE-2026-26131, GHSA-crjq-wm6x-6qx7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9uun-xxhj-fuee
2
url VCID-rrdb-9frq-myay
vulnerability_id VCID-rrdb-9frq-myay
summary 
Duplicate Advisory: Microsoft Security Advisory CVE-2026-26131 – .NET Elevation of Privilege Vulnerability
### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-crjq-wm6x-6qx7. This link is maintained to preserve external references.

### Original Description

Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.
references
0
reference_url https://github.com/dotnet/dotnet
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/dotnet
1
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
3
reference_url https://github.com/advisories/GHSA-387c-qmrw-59qv
reference_id GHSA-387c-qmrw-59qv
reference_type
scores
url https://github.com/advisories/GHSA-387c-qmrw-59qv
fixed_packages
0
url pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4
purl pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4
aliases GHSA-387c-qmrw-59qv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rrdb-9frq-myay
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm@10.0.4