Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-245f-jhkn-w3ck

Summary

Aliases

alias	CVE-2026-32281

Fixed_packages

url	pkg:apk/alpine/go@1.25.9-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.25.9-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.25.9-r0?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.25.9-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=armv7&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.25.9-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.25.9-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.25.9-r0?arch=x86&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.25.9-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=x86&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.25.9-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.25.9-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=x86_64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.25.9-r0?arch=armhf&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.25.9-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=armhf&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.25.9-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.25.9-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.25.9-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.25.9-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=riscv64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.26.2-r0?arch=ppc64le&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.26.2-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.26.2-r0%3Farch=ppc64le&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.26.2-r0?arch=riscv64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.26.2-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.26.2-r0%3Farch=riscv64&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.26.2-r0?arch=s390x&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.26.2-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.26.2-r0%3Farch=s390x&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.26.2-r0?arch=aarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.26.2-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.26.2-r0%3Farch=aarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.26.2-r0?arch=armhf&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.26.2-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.26.2-r0%3Farch=armhf&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.26.2-r0?arch=armv7&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.26.2-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.26.2-r0%3Farch=armv7&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.26.2-r0?arch=loongarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.26.2-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.26.2-r0%3Farch=loongarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.26.2-r0?arch=x86_64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.26.2-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.26.2-r0%3Farch=x86_64&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.26.2-r0?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.26.2-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.26.2-r0%3Farch=x86&distroversion=edge&reponame=community

url	pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid
purl	pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid

url	pkg:deb/debian/golang-1.25@1.25.9-1
purl	pkg:deb/debian/golang-1.25@1.25.9-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1

url	pkg:deb/debian/golang-1.26@1.26.2-1
purl	pkg:deb/debian/golang-1.26@1.26.2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1

url	pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid
purl	pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid

Affected_packages

url pkg:deb/debian/golang-1.25@1.25.8-1

purl pkg:deb/debian/golang-1.25@1.25.8-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-245f-jhkn-w3ck

vulnerability	VCID-s176-xcrb-e3ea

vulnerability	VCID-svbs-h3y5-wfbn

vulnerability	VCID-t19m-gs1u-rbfp

vulnerability	VCID-tf52-aa91-4kf3

vulnerability	VCID-tmb1-tq9e-puhd

vulnerability	VCID-vw1r-8zev-ykf4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1

url pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid

purl pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-245f-jhkn-w3ck

vulnerability	VCID-91yp-p6st-8ucd

vulnerability	VCID-ju53-xpej-3qca

vulnerability	VCID-s176-xcrb-e3ea

vulnerability	VCID-svbs-h3y5-wfbn

vulnerability	VCID-t19m-gs1u-rbfp

vulnerability	VCID-tf52-aa91-4kf3

vulnerability	VCID-tmb1-tq9e-puhd

vulnerability	VCID-vw1r-8zev-ykf4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid

url pkg:deb/debian/golang-1.26@1.26.1-1?distro=sid

purl pkg:deb/debian/golang-1.26@1.26.1-1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-245f-jhkn-w3ck

vulnerability	VCID-91yp-p6st-8ucd

vulnerability	VCID-gtys-5r5h-p7ht

vulnerability	VCID-ju53-xpej-3qca

vulnerability	VCID-s176-xcrb-e3ea

vulnerability	VCID-svbs-h3y5-wfbn

vulnerability	VCID-t19m-gs1u-rbfp

vulnerability	VCID-tf52-aa91-4kf3

vulnerability	VCID-tmb1-tq9e-puhd

vulnerability	VCID-vw1r-8zev-ykf4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.1-1%3Fdistro=sid

url pkg:deb/debian/golang-1.26@1.26.1-1

purl pkg:deb/debian/golang-1.26@1.26.1-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-245f-jhkn-w3ck

vulnerability	VCID-91yp-p6st-8ucd

vulnerability	VCID-gtys-5r5h-p7ht

vulnerability	VCID-ju53-xpej-3qca

vulnerability	VCID-s176-xcrb-e3ea

vulnerability	VCID-svbs-h3y5-wfbn

vulnerability	VCID-t19m-gs1u-rbfp

vulnerability	VCID-tf52-aa91-4kf3

vulnerability	VCID-tmb1-tq9e-puhd

vulnerability	VCID-vw1r-8zev-ykf4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.1-1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32281.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32281.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-32281

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.04595
published_at	2026-04-21T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04457
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05503
published_at	2026-04-16T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00451
published_at	2026-04-11T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.0045
published_at	2026-04-09T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00447
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-32281

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU

reference_id

0uYbvbPZRWU

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/

url

https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2456333
reference_id	2456333
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2456333

reference_url

https://go.dev/cl/758061

reference_id

758061

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/

url

https://go.dev/cl/758061

reference_url

https://go.dev/issue/78281

reference_id

78281

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/

url

https://go.dev/issue/78281

reference_url

https://pkg.go.dev/vuln/GO-2026-4946

reference_id

GO-2026-4946

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/

url

https://pkg.go.dev/vuln/GO-2026-4946

Weaknesses

cwe_id	1050
name	Excessive Platform Resource Consumption within a Loop
description	The product has a loop body or loop condition that contains a control element that directly or indirectly consumes platform resources, e.g. messaging, sessions, locks, or file descriptors.

cwe_id	407
name	Inefficient Algorithmic Complexity
description	An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

Exploits

Severity_range_score 5.9 - 7.5

Exploitability 0.5

Weighted_severity 6.0

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-245f-jhkn-w3ck

Vulnerability Instance