Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/golang-golang-x-net@0?distro=trixie
Typedeb
Namespacedebian
Namegolang-golang-x-net
Version0
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1:0.0+git20210119.5f4716e+dfsg-3
Latest_non_vulnerable_version1:0.53.0-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-h4tn-wydf-mydg
vulnerability_id VCID-h4tn-wydf-mydg
summary golang.org/x/net/http2: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27141.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27141.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27141
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.0593
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.06125
published_at 2026-04-21T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05962
published_at 2026-04-04T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05946
published_at 2026-04-07T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05985
published_at 2026-04-08T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.06023
published_at 2026-04-09T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.06015
published_at 2026-04-11T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.06006
published_at 2026-04-12T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05998
published_at 2026-04-13T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05963
published_at 2026-04-16T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05974
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27141
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2443104
reference_id 2443104
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2443104
4
reference_url https://go.dev/cl/746180
reference_id 746180
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-27T19:11:24Z/
url https://go.dev/cl/746180
5
reference_url https://go.dev/issue/77652
reference_id 77652
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-27T19:11:24Z/
url https://go.dev/issue/77652
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-27141
reference_id CVE-2026-27141
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-27T19:11:24Z/
url https://nvd.nist.gov/vuln/detail/CVE-2026-27141
7
reference_url https://pkg.go.dev/vuln/GO-2026-4559
reference_id GO-2026-4559
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-27T19:11:24Z/
url https://pkg.go.dev/vuln/GO-2026-4559
fixed_packages
0
url pkg:deb/debian/golang-golang-x-net@0?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@0%3Fdistro=trixie
1
url pkg:deb/debian/golang-golang-x-net@1:0.0%2Bgit20210119.5f4716e%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.0%2Bgit20210119.5f4716e%2Bdfsg-4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3zyn-rapk-ybe8
1
vulnerability VCID-5kkq-5jpf-fqev
2
vulnerability VCID-73s2-6cpr-gkdu
3
vulnerability VCID-aj2b-56uj-gkar
4
vulnerability VCID-asx6-ds7x-6ubz
5
vulnerability VCID-azr4-u36f-pbew
6
vulnerability VCID-g8qg-4g78-pfgn
7
vulnerability VCID-k6de-54xk-dkfv
8
vulnerability VCID-sdd3-35ng-g7a3
9
vulnerability VCID-w53f-uad6-gqdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.0%252Bgit20210119.5f4716e%252Bdfsg-4%3Fdistro=trixie
2
url pkg:deb/debian/golang-golang-x-net@1:0.7.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.7.0%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3zyn-rapk-ybe8
1
vulnerability VCID-73s2-6cpr-gkdu
2
vulnerability VCID-aj2b-56uj-gkar
3
vulnerability VCID-asx6-ds7x-6ubz
4
vulnerability VCID-g8qg-4g78-pfgn
5
vulnerability VCID-k6de-54xk-dkfv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.7.0%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/golang-golang-x-net@1:0.27.0-2?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.27.0-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-73s2-6cpr-gkdu
1
vulnerability VCID-asx6-ds7x-6ubz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.27.0-2%3Fdistro=trixie
4
url pkg:deb/debian/golang-golang-x-net@1:0.47.0-2?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.47.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.47.0-2%3Fdistro=trixie
5
url pkg:deb/debian/golang-golang-x-net@1:0.53.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.53.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.53.0-1%3Fdistro=trixie
aliases CVE-2026-27141
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h4tn-wydf-mydg
1
url VCID-x54w-scep-kyde
vulnerability_id VCID-x54w-scep-kyde
summary 
golang.org/x/net/http2/h2c vulnerable to request smuggling attack
A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.

### Specific Go Packages Affected
golang.org/x/net/http2/h2c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41721.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41721.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41721
reference_id
reference_type
scores
0
value 0.00066
scoring_system epss
scoring_elements 0.20528
published_at 2026-04-18T12:55:00Z
1
value 0.00066
scoring_system epss
scoring_elements 0.20705
published_at 2026-04-02T12:55:00Z
2
value 0.00066
scoring_system epss
scoring_elements 0.20485
published_at 2026-04-07T12:55:00Z
3
value 0.00066
scoring_system epss
scoring_elements 0.20765
published_at 2026-04-04T12:55:00Z
4
value 0.00066
scoring_system epss
scoring_elements 0.20531
published_at 2026-04-16T12:55:00Z
5
value 0.00066
scoring_system epss
scoring_elements 0.20546
published_at 2026-04-13T12:55:00Z
6
value 0.00066
scoring_system epss
scoring_elements 0.20599
published_at 2026-04-12T12:55:00Z
7
value 0.00066
scoring_system epss
scoring_elements 0.20641
published_at 2026-04-11T12:55:00Z
8
value 0.00066
scoring_system epss
scoring_elements 0.20621
published_at 2026-04-09T12:55:00Z
9
value 0.00066
scoring_system epss
scoring_elements 0.20562
published_at 2026-04-08T12:55:00Z
10
value 0.00074
scoring_system epss
scoring_elements 0.22441
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41721
2
reference_url https://cs.opensource.google/go/x/net
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cs.opensource.google/go/x/net
3
reference_url https://go.dev/cl/447396
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:43:40Z/
url https://go.dev/cl/447396
4
reference_url https://go.dev/issue/56352
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:43:40Z/
url https://go.dev/issue/56352
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41721
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41721
8
reference_url https://pkg.go.dev/vuln/GO-2023-1495
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:43:40Z/
url https://pkg.go.dev/vuln/GO-2023-1495
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2162182
reference_id 2162182
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2162182
10
reference_url https://access.redhat.com/errata/RHSA-2023:1326
reference_id RHSA-2023:1326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1326
11
reference_url https://access.redhat.com/errata/RHSA-2023:4627
reference_id RHSA-2023:4627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4627
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN/
reference_id X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:43:40Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP/
reference_id X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:43:40Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP/
fixed_packages
0
url pkg:deb/debian/golang-golang-x-net@0?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@0%3Fdistro=trixie
1
url pkg:deb/debian/golang-golang-x-net@1:0.0%2Bgit20210119.5f4716e%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.0%2Bgit20210119.5f4716e%2Bdfsg-4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3zyn-rapk-ybe8
1
vulnerability VCID-5kkq-5jpf-fqev
2
vulnerability VCID-73s2-6cpr-gkdu
3
vulnerability VCID-aj2b-56uj-gkar
4
vulnerability VCID-asx6-ds7x-6ubz
5
vulnerability VCID-azr4-u36f-pbew
6
vulnerability VCID-g8qg-4g78-pfgn
7
vulnerability VCID-k6de-54xk-dkfv
8
vulnerability VCID-sdd3-35ng-g7a3
9
vulnerability VCID-w53f-uad6-gqdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.0%252Bgit20210119.5f4716e%252Bdfsg-4%3Fdistro=trixie
2
url pkg:deb/debian/golang-golang-x-net@1:0.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.4.0%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/golang-golang-x-net@1:0.7.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.7.0%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3zyn-rapk-ybe8
1
vulnerability VCID-73s2-6cpr-gkdu
2
vulnerability VCID-aj2b-56uj-gkar
3
vulnerability VCID-asx6-ds7x-6ubz
4
vulnerability VCID-g8qg-4g78-pfgn
5
vulnerability VCID-k6de-54xk-dkfv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.7.0%252Bdfsg-1%3Fdistro=trixie
4
url pkg:deb/debian/golang-golang-x-net@1:0.27.0-2?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.27.0-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-73s2-6cpr-gkdu
1
vulnerability VCID-asx6-ds7x-6ubz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.27.0-2%3Fdistro=trixie
5
url pkg:deb/debian/golang-golang-x-net@1:0.47.0-2?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.47.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.47.0-2%3Fdistro=trixie
6
url pkg:deb/debian/golang-golang-x-net@1:0.53.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.53.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.53.0-1%3Fdistro=trixie
aliases CVE-2022-41721, GHSA-fxg5-wq6x-vr4w
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x54w-scep-kyde
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@0%3Fdistro=trixie