Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-rvck-7bb6-cqf1
SummaryWordPress before 2.0.5 does not properly store a profile containing a string representation of a serialized object, which allows remote authenticated users to cause a denial of service (application crash) via a string that represents a (1) malformed or (2) large serialized object, because the object triggers automatic unserialization for display.
Aliases
0
alias CVE-2006-6017
Fixed_packages
0
url pkg:deb/debian/wordpress@2.0.5-0.1?distro=trixie
purl pkg:deb/debian/wordpress@2.0.5-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.0.5-0.1%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-eg3u-uaqx-m7f2
1
vulnerability VCID-sjsv-4uy2-aqct
2
vulnerability VCID-v95d-ak24-uqbz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-sjsv-4uy2-aqct
1
vulnerability VCID-v95d-ak24-uqbz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6017
reference_id
reference_type
scores
0
value 0.02824
scoring_system epss
scoring_elements 0.86435
published_at 2026-06-04T12:55:00Z
1
value 0.02824
scoring_system epss
scoring_elements 0.86459
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6017
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6017
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6017
2
reference_url http://trac.wordpress.org/ticket/2591
reference_id 2591
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T15:56:09Z/
url http://trac.wordpress.org/ticket/2591
3
reference_url http://www.gentoo.org/security/en/glsa/glsa-200611-10.xml
reference_id glsa-200611-10.xml
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T15:56:09Z/
url http://www.gentoo.org/security/en/glsa/glsa-200611-10.xml
4
reference_url http://bugs.gentoo.org/show_bug.cgi?id=153303
reference_id show_bug.cgi?id=153303
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T15:56:09Z/
url http://bugs.gentoo.org/show_bug.cgi?id=153303
Weaknesses
Exploits
Severity_range_score6.5 - 6.5
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-rvck-7bb6-cqf1