Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-gqsh-nqdu-3qex

Summary A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0.0 is able to address this issue. The patch is identified as c6c772d2eab692ce7ada5a4227afd50c355ad545. It is recommended to upgrade the affected component.

Aliases

alias	CVE-2025-1378

Fixed_packages

url	pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl	pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid

url	pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl	pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1378

reference_id

reference_type

scores

value	0.00035
scoring_system	epss
scoring_elements	0.10331
published_at	2026-04-04T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10267
published_at	2026-04-02T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10293
published_at	2026-04-24T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10314
published_at	2026-04-21T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10181
published_at	2026-04-18T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10208
published_at	2026-04-16T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10334
published_at	2026-04-13T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10355
published_at	2026-04-12T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10396
published_at	2026-04-11T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10365
published_at	2026-04-09T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10304
published_at	2026-04-08T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.1023
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1378

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098376
reference_id	1098376
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098376

reference_url

https://github.com/radareorg/radare2/issues/23953

reference_id

23953

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/

url

https://github.com/radareorg/radare2/issues/23953

reference_url

https://github.com/radareorg/radare2/issues/23953#issue-2844325926

reference_id

23953#issue-2844325926

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/

url

https://github.com/radareorg/radare2/issues/23953#issue-2844325926

reference_url

https://github.com/radareorg/radare2/milestone/86

reference_id

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/

url

https://github.com/radareorg/radare2/milestone/86

reference_url

https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545

reference_id

c6c772d2eab692ce7ada5a4227afd50c355ad545

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/

url

https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545

reference_url

https://vuldb.com/?ctiid.295986

reference_id

?ctiid.295986

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/

url

https://vuldb.com/?ctiid.295986

reference_url

https://vuldb.com/?id.295986

reference_id

?id.295986

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/

url

https://vuldb.com/?id.295986

reference_url

https://vuldb.com/?submit.498499

reference_id

?submit.498499

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/

url

https://vuldb.com/?submit.498499

Weaknesses

cwe_id	119
name	Improper Restriction of Operations within the Bounds of a Memory Buffer
description	The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Exploits

Severity_range_score 1.7 - 4.8

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqsh-nqdu-3qex

Vulnerability Instance