Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-tzm5-dtk1-kbf2

Summary

Aliases

alias	CVE-2024-9026

Fixed_packages

url	pkg:apk/alpine/php81@8.1.30-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/php81@8.1.30-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.30-r0%3Farch=aarch64&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/php81@8.1.30-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/php81@8.1.30-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.30-r0%3Farch=armhf&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/php81@8.1.30-r0?arch=armv7&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/php81@8.1.30-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.30-r0%3Farch=armv7&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/php81@8.1.30-r0?arch=ppc64le&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/php81@8.1.30-r0?arch=ppc64le&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.30-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/php81@8.1.30-r0?arch=s390x&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/php81@8.1.30-r0?arch=s390x&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.30-r0%3Farch=s390x&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/php81@8.1.30-r0?arch=x86&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/php81@8.1.30-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.30-r0%3Farch=x86&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/php81@8.1.30-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/php81@8.1.30-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.30-r0%3Farch=x86_64&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/php82@8.2.24-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php82@8.2.24-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.24-r0%3Farch=aarch64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php82@8.2.24-r0?arch=armhf&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php82@8.2.24-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.24-r0%3Farch=armhf&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php82@8.2.24-r0?arch=armv7&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php82@8.2.24-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.24-r0%3Farch=armv7&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php82@8.2.24-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php82@8.2.24-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.24-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php82@8.2.24-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php82@8.2.24-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.24-r0%3Farch=riscv64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php82@8.2.24-r0?arch=s390x&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php82@8.2.24-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.24-r0%3Farch=s390x&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php82@8.2.24-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php82@8.2.24-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.24-r0%3Farch=x86&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php82@8.2.24-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php82@8.2.24-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.24-r0%3Farch=x86_64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php83@8.3.12-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php83@8.3.12-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.12-r0%3Farch=aarch64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php83@8.3.12-r0?arch=armhf&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php83@8.3.12-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.12-r0%3Farch=armhf&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php83@8.3.12-r0?arch=armv7&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php83@8.3.12-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.12-r0%3Farch=armv7&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php83@8.3.12-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php83@8.3.12-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.12-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php83@8.3.12-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php83@8.3.12-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.12-r0%3Farch=riscv64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php83@8.3.12-r0?arch=s390x&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php83@8.3.12-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.12-r0%3Farch=s390x&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php83@8.3.12-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php83@8.3.12-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.12-r0%3Farch=x86&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/php83@8.3.12-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/php83@8.3.12-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.12-r0%3Farch=x86_64&distroversion=v3.20&reponame=community

url	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye

url	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
purl	pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u6%3Fdistro=bullseye

url	pkg:deb/debian/php8.2@8.2.24-1~deb12u1?distro=bookworm
purl	pkg:deb/debian/php8.2@8.2.24-1~deb12u1?distro=bookworm
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.24-1~deb12u1%3Fdistro=bookworm

url	pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm
purl	pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm

url	pkg:ebuild/dev-lang/php@8.1.30
purl	pkg:ebuild/dev-lang/php@8.1.30
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@8.1.30

url	pkg:ebuild/dev-lang/php@8.2.24
purl	pkg:ebuild/dev-lang/php@8.2.24
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@8.2.24

url	pkg:ebuild/dev-lang/php@8.3.12
purl	pkg:ebuild/dev-lang/php@8.3.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@8.3.12

Affected_packages

url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5

purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2uxt-nqyw-7ye3

vulnerability	VCID-3ssg-dz5x-w7h8

vulnerability	VCID-3v98-rqej-zqhq

vulnerability	VCID-47f4-6bzb-cffp

vulnerability	VCID-4dcy-f8uv-zkgn

vulnerability	VCID-4f1k-66mf-67ek

vulnerability	VCID-5enc-sfwh-aug6

vulnerability	VCID-5py5-2rfc-hyen

vulnerability	VCID-651b-43uu-2fep

vulnerability	VCID-689c-96hs-5bdm

vulnerability	VCID-bfzx-yj73-wkhb

vulnerability	VCID-bn76-aa8p-yya7

vulnerability	VCID-d7tu-cwkf-3ket

vulnerability	VCID-dh7h-wfrt-fug7

vulnerability	VCID-epbz-7qd7-xuas

vulnerability	VCID-f5jb-qpkv-9yac

vulnerability	VCID-fspr-yckc-6ke9

vulnerability	VCID-kbzn-jfrr-2bcv

vulnerability	VCID-m8mg-192p-sya9

vulnerability	VCID-nebp-9kuy-d3cf

vulnerability	VCID-qax3-zeeb-qbdb

vulnerability	VCID-tzm5-dtk1-kbf2

vulnerability	VCID-u318-k8bh-7fft

vulnerability	VCID-vdyy-rujw-yyca

vulnerability	VCID-w2qz-sqkf-fuet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5

url pkg:rpm/redhat/php@8.0.30-2?arch=el9

purl pkg:rpm/redhat/php@8.0.30-2?arch=el9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3v98-rqej-zqhq

vulnerability	VCID-47f4-6bzb-cffp

vulnerability	VCID-689c-96hs-5bdm

vulnerability	VCID-bfzx-yj73-wkhb

vulnerability	VCID-d56m-y1k3-bkeb

vulnerability	VCID-epbz-7qd7-xuas

vulnerability	VCID-m8mg-192p-sya9

vulnerability	VCID-sqxx-x7pj-dfgf

vulnerability	VCID-tzm5-dtk1-kbf2

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@8.0.30-2%3Farch=el9

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9026.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9026.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-9026

reference_id

reference_type

scores

value	0.00667
scoring_system	epss
scoring_elements	0.71839
published_at	2026-06-14T12:55:00Z

value	0.00667
scoring_system	epss
scoring_elements	0.71743
published_at	2026-06-11T12:55:00Z

value	0.00667
scoring_system	epss
scoring_elements	0.71828
published_at	2026-06-12T12:55:00Z

value	0.00667
scoring_system	epss
scoring_elements	0.71842
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-9026

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9026

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2317144
reference_id	2317144
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2317144

reference_url

https://github.com/php/php-src/security/advisories/GHSA-865w-9rf3-2wh5

reference_id

GHSA-865w-9rf3-2wh5

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-08T12:47:58Z/

url

https://github.com/php/php-src/security/advisories/GHSA-865w-9rf3-2wh5

reference_url	https://security.gentoo.org/glsa/202501-11
reference_id	GLSA-202501-11
reference_type
scores
url	https://security.gentoo.org/glsa/202501-11

reference_url	https://access.redhat.com/errata/RHSA-2024:10949
reference_id	RHSA-2024:10949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10949

reference_url	https://access.redhat.com/errata/RHSA-2024:10950
reference_id	RHSA-2024:10950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10950

reference_url	https://access.redhat.com/errata/RHSA-2024:10951
reference_id	RHSA-2024:10951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10951

reference_url	https://access.redhat.com/errata/RHSA-2024:10952
reference_id	RHSA-2024:10952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10952

reference_url	https://access.redhat.com/errata/RHSA-2025:7315
reference_id	RHSA-2025:7315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7315

reference_url	https://usn.ubuntu.com/7049-1/
reference_id	USN-7049-1
reference_type
scores
url	https://usn.ubuntu.com/7049-1/

Weaknesses

cwe_id	117
name	Improper Output Neutralization for Logs
description	The product does not neutralize or incorrectly neutralizes output that is written to logs.

cwe_id	158
name	Improper Neutralization of Null Byte or NUL Character
description	The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes NUL characters or null bytes when they are sent to a downstream component.

Exploits

Severity_range_score 3.3 - 3.3

Exploitability 0.5

Weighted_severity 3.0

Risk_score 1.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tzm5-dtk1-kbf2

Vulnerability Instance