Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-3h84-z3yw-uydr

Summary

Multiple vulnerabilities have been found in PolicyKit, the worst of
    which may allow a local attacker to gain root privileges.

Aliases

alias	CVE-2011-4945

Fixed_packages

url	pkg:deb/debian/policykit-1@0.103-1?distro=trixie
purl	pkg:deb/debian/policykit-1@0.103-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@0.103-1%3Fdistro=trixie

url pkg:deb/debian/policykit-1@0.105-3

purl pkg:deb/debian/policykit-1@0.105-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2uwh-8f3g-6kc4

vulnerability	VCID-66y9-wrsz-gud9

vulnerability	VCID-6s5p-ucft-ukad

vulnerability	VCID-97e5-xezy-wbf6

vulnerability	VCID-d7rm-by3r-v3h3

vulnerability	VCID-fqxp-t48y-1khf

vulnerability	VCID-fwr3-kw1f-bbbp

vulnerability	VCID-mmjs-fy7f-fkbt

vulnerability	VCID-yee7-fp2m-r7eg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@0.105-3

url pkg:deb/debian/policykit-1@0.105-31%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/policykit-1@0.105-31%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5y4d-ph3y-5qgd

vulnerability	VCID-f2ed-c3rs-yqgz

vulnerability	VCID-hxfb-cmwp-j7c4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@0.105-31%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/policykit-1@122-3?distro=trixie

purl pkg:deb/debian/policykit-1@122-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5y4d-ph3y-5qgd

vulnerability	VCID-hxfb-cmwp-j7c4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@122-3%3Fdistro=trixie

url pkg:deb/debian/policykit-1@126-2?distro=trixie

purl pkg:deb/debian/policykit-1@126-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5y4d-ph3y-5qgd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@126-2%3Fdistro=trixie

url	pkg:deb/debian/policykit-1@127-2?distro=trixie
purl	pkg:deb/debian/policykit-1@127-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@127-2%3Fdistro=trixie

url	pkg:ebuild/sys-auth/polkit@0.104-r1
purl	pkg:ebuild/sys-auth/polkit@0.104-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/sys-auth/polkit@0.104-r1

Affected_packages

url pkg:deb/debian/policykit-1@0.96-4%2Bsqueeze2

purl pkg:deb/debian/policykit-1@0.96-4%2Bsqueeze2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2uwh-8f3g-6kc4

vulnerability	VCID-3h84-z3yw-uydr

vulnerability	VCID-66y9-wrsz-gud9

vulnerability	VCID-6s5p-ucft-ukad

vulnerability	VCID-97e5-xezy-wbf6

vulnerability	VCID-d7rm-by3r-v3h3

vulnerability	VCID-dn8s-xk69-qugj

vulnerability	VCID-fqxp-t48y-1khf

vulnerability	VCID-fwr3-kw1f-bbbp

vulnerability	VCID-mmjs-fy7f-fkbt

vulnerability	VCID-yee7-fp2m-r7eg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@0.96-4%252Bsqueeze2

References

reference_url	http://cgit.freedesktop.org/PolicyKit/commit/?id=763faf434b445c20ae9529100d3ef5290976d0c9
reference_id
reference_type
scores
url	http://cgit.freedesktop.org/PolicyKit/commit/?id=763faf434b445c20ae9529100d3ef5290976d0c9

reference_url	http://patch-tracker.debian.org/patch/series/view/policykit-1/0.104-2/05_revert-admin-identities-unix-group-wheel.patch
reference_id
reference_type
scores
url	http://patch-tracker.debian.org/patch/series/view/policykit-1/0.104-2/05_revert-admin-identities-unix-group-wheel.patch

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4945.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4945.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4945

reference_id

reference_type

scores

value	0.00039
scoring_system	epss
scoring_elements	0.11921
published_at	2026-04-21T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11894
published_at	2026-04-01T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.12008
published_at	2026-04-02T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.12052
published_at	2026-04-04T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11855
published_at	2026-04-07T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11938
published_at	2026-04-08T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.1199
published_at	2026-04-09T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11998
published_at	2026-04-11T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11961
published_at	2026-04-12T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11935
published_at	2026-04-13T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11805
published_at	2026-04-16T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11802
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4945

reference_url	https://bugs.gentoo.org/show_bug.cgi?id=401513
reference_id
reference_type
scores
url	https://bugs.gentoo.org/show_bug.cgi?id=401513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4945

reference_url	http://secunia.com/advisories/48817
reference_id
reference_type
scores
url	http://secunia.com/advisories/48817

reference_url	http://security.gentoo.org/glsa/glsa-201204-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-201204-06.xml

reference_url	https://launchpad.net/ubuntu/+source/policykit-1/0.103-1
reference_id
reference_type
scores
url	https://launchpad.net/ubuntu/+source/policykit-1/0.103-1

reference_url	http://www.mail-archive.com/polkit-devel%40lists.freedesktop.org/msg00327.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/polkit-devel%40lists.freedesktop.org/msg00327.html

reference_url	http://www.openwall.com/lists/oss-security/2012/03/28/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/03/28/1

reference_url	http://www.openwall.com/lists/oss-security/2012/03/28/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/03/28/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=807712
reference_id	807712
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=807712

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:michael_biebl:policykit:0.103:::::::*
reference_id	cpe:2.3:a:michael_biebl:policykit:0.103:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:michael_biebl:policykit:0.103:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-4945

reference_id

CVE-2011-4945

reference_type

scores

value	6.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2011-4945

reference_url	https://security.gentoo.org/glsa/201204-06
reference_id	GLSA-201204-06
reference_type
scores
url	https://security.gentoo.org/glsa/201204-06

Weaknesses

cwe_id	264
name	Permissions, Privileges, and Access Controls
description	Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Exploits

Severity_range_score 6.9 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3h84-z3yw-uydr

Vulnerability Instance