Django REST framework
Api Root
Vulnerability List
Vulnerability Instance
Format
json
api
admin
Vulnerability Instance
Lookup for vulnerabilities affecting packages.
Vulnerability_id
VCID-hz5k-rky7-nucg
Summary
Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.
Aliases
0
alias
CVE-2023-41105
Fixed_packages
0
url
pkg:deb/debian/python2.7@0?distro=bullseye
purl
pkg:deb/debian/python2.7@0?distro=bullseye
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye
1
url
pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye
purl
pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye
2
url
pkg:deb/debian/python3.11@3.11.2-6%2Bdeb12u2?distro=bookworm
purl
pkg:deb/debian/python3.11@3.11.2-6%2Bdeb12u2?distro=bookworm
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.11@3.11.2-6%252Bdeb12u2%3Fdistro=bookworm
3
url
pkg:deb/debian/python3.11@3.11.2-6%2Bdeb12u6?distro=bookworm
purl
pkg:deb/debian/python3.11@3.11.2-6%2Bdeb12u6?distro=bookworm
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.11@3.11.2-6%252Bdeb12u6%3Fdistro=bookworm
4
url
pkg:deb/debian/python3.9@0?distro=bullseye
purl
pkg:deb/debian/python3.9@0?distro=bullseye
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye
5
url
pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl
pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye
6
url
pkg:ebuild/dev-lang/python@3.8.19
purl
pkg:ebuild/dev-lang/python@3.8.19
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.19
7
url
pkg:ebuild/dev-lang/python@3.9.19
purl
pkg:ebuild/dev-lang/python@3.9.19
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.19
8
url
pkg:ebuild/dev-lang/python@3.10.14
purl
pkg:ebuild/dev-lang/python@3.10.14
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.14
9
url
pkg:ebuild/dev-lang/python@3.11.8
purl
pkg:ebuild/dev-lang/python@3.11.8
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.8
10
url
pkg:ebuild/dev-lang/python@3.12.1
purl
pkg:ebuild/dev-lang/python@3.12.1
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.1
11
url
pkg:ebuild/dev-python/pypy3@3.8.19
purl
pkg:ebuild/dev-python/pypy3@3.8.19
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@3.8.19
12
url
pkg:ebuild/dev-python/pypy3@3.9.19
purl
pkg:ebuild/dev-python/pypy3@3.9.19
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@3.9.19
13
url
pkg:ebuild/dev-python/pypy3@3.10.14
purl
pkg:ebuild/dev-python/pypy3@3.10.14
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@3.10.14
14
url
pkg:ebuild/dev-python/pypy3@3.11.8
purl
pkg:ebuild/dev-python/pypy3@3.11.8
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@3.11.8
15
url
pkg:ebuild/dev-python/pypy3@3.12.1
purl
pkg:ebuild/dev-python/pypy3@3.12.1
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@3.12.1
16
url
pkg:ebuild/dev-python/pypy3@7.3.16
purl
pkg:ebuild/dev-python/pypy3@7.3.16
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@7.3.16
17
url
pkg:ebuild/dev-python/pypy3_10@3.8.19
purl
pkg:ebuild/dev-python/pypy3_10@3.8.19
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@3.8.19
18
url
pkg:ebuild/dev-python/pypy3_10@3.9.19
purl
pkg:ebuild/dev-python/pypy3_10@3.9.19
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@3.9.19
19
url
pkg:ebuild/dev-python/pypy3_10@3.10.14
purl
pkg:ebuild/dev-python/pypy3_10@3.10.14
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@3.10.14
20
url
pkg:ebuild/dev-python/pypy3_10@3.11.8
purl
pkg:ebuild/dev-python/pypy3_10@3.11.8
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@3.11.8
21
url
pkg:ebuild/dev-python/pypy3_10@3.12.1
purl
pkg:ebuild/dev-python/pypy3_10@3.12.1
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@3.12.1
22
url
pkg:ebuild/dev-python/pypy3_10@7.3.16
purl
pkg:ebuild/dev-python/pypy3_10@7.3.16
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@7.3.16
23
url
pkg:ebuild/dev-python/pypy3_9@3.8.19
purl
pkg:ebuild/dev-python/pypy3_9@3.8.19
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@3.8.19
24
url
pkg:ebuild/dev-python/pypy3_9@3.9.19
purl
pkg:ebuild/dev-python/pypy3_9@3.9.19
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@3.9.19
25
url
pkg:ebuild/dev-python/pypy3_9@3.10.14
purl
pkg:ebuild/dev-python/pypy3_9@3.10.14
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@3.10.14
26
url
pkg:ebuild/dev-python/pypy3_9@3.11.8
purl
pkg:ebuild/dev-python/pypy3_9@3.11.8
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@3.11.8
27
url
pkg:ebuild/dev-python/pypy3_9@3.12.1
purl
pkg:ebuild/dev-python/pypy3_9@3.12.1
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@3.12.1
28
url
pkg:ebuild/dev-python/pypy3_9@7.3.16
purl
pkg:ebuild/dev-python/pypy3_9@7.3.16
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@7.3.16
Affected_packages
0
url
pkg:rpm/redhat/python3.11@3.11.5-1?arch=el8_9
purl
pkg:rpm/redhat/python3.11@3.11.5-1?arch=el8_9
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-hz5k-rky7-nucg
1
vulnerability
VCID-mtxv-v2pu-f3bn
resource_url
http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3.11@3.11.5-1%3Farch=el8_9
1
url
pkg:rpm/redhat/python3.11@3.11.5-1?arch=el9_3
purl
pkg:rpm/redhat/python3.11@3.11.5-1?arch=el9_3
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-hz5k-rky7-nucg
1
vulnerability
VCID-mtxv-v2pu-f3bn
resource_url
http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3.11@3.11.5-1%3Farch=el9_3
References
0
reference_url
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41105.json
reference_id
reference_type
scores
0
value
7.5
scoring_system
cvssv3
scoring_elements
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41105.json
1
reference_url
https://api.first.org/data/v1/epss?cve=CVE-2023-41105
reference_id
reference_type
scores
0
value
0.00363
scoring_system
epss
scoring_elements
0.58339
published_at
2026-04-02T12:55:00Z
1
value
0.00363
scoring_system
epss
scoring_elements
0.58383
published_at
2026-04-21T12:55:00Z
2
value
0.00363
scoring_system
epss
scoring_elements
0.58385
published_at
2026-04-08T12:55:00Z
3
value
0.00363
scoring_system
epss
scoring_elements
0.58391
published_at
2026-04-09T12:55:00Z
4
value
0.00363
scoring_system
epss
scoring_elements
0.58409
published_at
2026-04-11T12:55:00Z
5
value
0.00363
scoring_system
epss
scoring_elements
0.58388
published_at
2026-04-12T12:55:00Z
6
value
0.00363
scoring_system
epss
scoring_elements
0.58369
published_at
2026-04-13T12:55:00Z
7
value
0.00363
scoring_system
epss
scoring_elements
0.58401
published_at
2026-04-16T12:55:00Z
8
value
0.00363
scoring_system
epss
scoring_elements
0.58406
published_at
2026-04-18T12:55:00Z
9
value
0.00363
scoring_system
epss
scoring_elements
0.58359
published_at
2026-04-04T12:55:00Z
10
value
0.00363
scoring_system
epss
scoring_elements
0.58333
published_at
2026-04-07T12:55:00Z
url
https://api.first.org/data/v1/epss?cve=CVE-2023-41105
2
reference_url
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value
6.7
scoring_system
cvssv3.1
scoring_elements
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url
https://github.com/python/cpython/pull/107981
reference_id
107981
reference_type
scores
0
value
Track
scoring_system
ssvc
scoring_elements
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/
url
https://github.com/python/cpython/pull/107981
4
reference_url
https://github.com/python/cpython/pull/107982
reference_id
107982
reference_type
scores
0
value
Track
scoring_system
ssvc
scoring_elements
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/
url
https://github.com/python/cpython/pull/107982
5
reference_url
https://github.com/python/cpython/pull/107983
reference_id
107983
reference_type
scores
0
value
Track
scoring_system
ssvc
scoring_elements
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/
url
https://github.com/python/cpython/pull/107983
6
reference_url
https://bugzilla.redhat.com/show_bug.cgi?id=2235795
reference_id
2235795
reference_type
scores
url
https://bugzilla.redhat.com/show_bug.cgi?id=2235795
7
reference_url
https://mail.python.org/archives/list/security-announce%40python.org/thread/D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD/
reference_id
D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD
reference_type
scores
0
value
Track
scoring_system
ssvc
scoring_elements
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/
url
https://mail.python.org/archives/list/security-announce%40python.org/thread/D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD/
8
reference_url
https://security.gentoo.org/glsa/202405-01
reference_id
GLSA-202405-01
reference_type
scores
url
https://security.gentoo.org/glsa/202405-01
9
reference_url
https://security.netapp.com/advisory/ntap-20231006-0015/
reference_id
ntap-20231006-0015
reference_type
scores
0
value
Track
scoring_system
ssvc
scoring_elements
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/
url
https://security.netapp.com/advisory/ntap-20231006-0015/
10
reference_url
https://access.redhat.com/errata/RHSA-2023:6494
reference_id
RHSA-2023:6494
reference_type
scores
url
https://access.redhat.com/errata/RHSA-2023:6494
11
reference_url
https://access.redhat.com/errata/RHSA-2023:7024
reference_id
RHSA-2023:7024
reference_type
scores
url
https://access.redhat.com/errata/RHSA-2023:7024
12
reference_url
https://usn.ubuntu.com/6547-1/
reference_id
USN-6547-1
reference_type
scores
url
https://usn.ubuntu.com/6547-1/
13
reference_url
https://usn.ubuntu.com/6891-1/
reference_id
USN-6891-1
reference_type
scores
url
https://usn.ubuntu.com/6891-1/
Weaknesses
0
cwe_id
158
name
Improper Neutralization of Null Byte or NUL Character
description
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes NUL characters or null bytes when they are sent to a downstream component.
Exploits
Severity_range_score
6.7 - 7.5
Exploitability
0.5
Weighted_severity
6.8
Risk_score
3.4
Resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-hz5k-rky7-nucg
×
Create
None
×
Edit
None