Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-3jgj-ez7d-qbh5

Summary

Multiple vulnerabilities were found in MySQL, the worst of which
    may allow remote execution of arbitrary code.

Aliases

alias	CVE-2018-2696

Fixed_packages

url	pkg:ebuild/dev-db/mysql@5.6.39
purl	pkg:ebuild/dev-db/mysql@5.6.39
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/mysql@5.6.39

Affected_packages

url pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el6?arch=1

purl pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el6?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2e5v-p34z-43bp

vulnerability	VCID-2hbu-crsx-h7bx

vulnerability	VCID-39gt-6dgh-wyar

vulnerability	VCID-3jgj-ez7d-qbh5

vulnerability	VCID-3md2-cjc1-ckdw

vulnerability	VCID-5p65-gfsg-1ugq

vulnerability	VCID-5q89-vg9j-k3as

vulnerability	VCID-64st-u4xn-z7g3

vulnerability	VCID-7yc3-7bkr-jfc9

vulnerability	VCID-ffsn-shbc-xbbf

vulnerability	VCID-h5nh-kj53-ybgu

vulnerability	VCID-h7un-bdz8-8yfe

vulnerability	VCID-n695-ekft-fqfh

vulnerability	VCID-z2we-8dx7-3yg2

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el6%3Farch=1

url pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el7?arch=1

purl pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el7?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2e5v-p34z-43bp

vulnerability	VCID-2hbu-crsx-h7bx

vulnerability	VCID-39gt-6dgh-wyar

vulnerability	VCID-3jgj-ez7d-qbh5

vulnerability	VCID-3md2-cjc1-ckdw

vulnerability	VCID-5p65-gfsg-1ugq

vulnerability	VCID-5q89-vg9j-k3as

vulnerability	VCID-64st-u4xn-z7g3

vulnerability	VCID-7yc3-7bkr-jfc9

vulnerability	VCID-ffsn-shbc-xbbf

vulnerability	VCID-h5nh-kj53-ybgu

vulnerability	VCID-h7un-bdz8-8yfe

vulnerability	VCID-n695-ekft-fqfh

vulnerability	VCID-z2we-8dx7-3yg2

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el7%3Farch=1

url pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el6?arch=1

purl pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el6?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-135g-wyju-6bc8

vulnerability	VCID-2e5v-p34z-43bp

vulnerability	VCID-2hbu-crsx-h7bx

vulnerability	VCID-2xb6-rvbp-wkha

vulnerability	VCID-39gt-6dgh-wyar

vulnerability	VCID-3jgj-ez7d-qbh5

vulnerability	VCID-3md2-cjc1-ckdw

vulnerability	VCID-5q89-vg9j-k3as

vulnerability	VCID-64st-u4xn-z7g3

vulnerability	VCID-7yc3-7bkr-jfc9

vulnerability	VCID-cks1-7b8t-uyh5

vulnerability	VCID-ffsn-shbc-xbbf

vulnerability	VCID-h5nh-kj53-ybgu

vulnerability	VCID-h7un-bdz8-8yfe

vulnerability	VCID-k869-qwxp-5qhm

vulnerability	VCID-kmp3-g5e5-vqam

vulnerability	VCID-n695-ekft-fqfh

vulnerability	VCID-wr83-rkem-p7hq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el6%3Farch=1

url pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el7?arch=1

purl pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el7?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-135g-wyju-6bc8

vulnerability	VCID-2e5v-p34z-43bp

vulnerability	VCID-2hbu-crsx-h7bx

vulnerability	VCID-2xb6-rvbp-wkha

vulnerability	VCID-39gt-6dgh-wyar

vulnerability	VCID-3jgj-ez7d-qbh5

vulnerability	VCID-3md2-cjc1-ckdw

vulnerability	VCID-5q89-vg9j-k3as

vulnerability	VCID-64st-u4xn-z7g3

vulnerability	VCID-7yc3-7bkr-jfc9

vulnerability	VCID-cks1-7b8t-uyh5

vulnerability	VCID-ffsn-shbc-xbbf

vulnerability	VCID-h5nh-kj53-ybgu

vulnerability	VCID-h7un-bdz8-8yfe

vulnerability	VCID-k869-qwxp-5qhm

vulnerability	VCID-kmp3-g5e5-vqam

vulnerability	VCID-n695-ekft-fqfh

vulnerability	VCID-wr83-rkem-p7hq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el7%3Farch=1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2696.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2696.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-2696

reference_id

reference_type

scores

value	0.05876
scoring_system	epss
scoring_elements	0.90591
published_at	2026-04-16T12:55:00Z

value	0.05876
scoring_system	epss
scoring_elements	0.90529
published_at	2026-04-01T12:55:00Z

value	0.05876
scoring_system	epss
scoring_elements	0.90533
published_at	2026-04-02T12:55:00Z

value	0.05876
scoring_system	epss
scoring_elements	0.90552
published_at	2026-04-07T12:55:00Z

value	0.05876
scoring_system	epss
scoring_elements	0.90564
published_at	2026-04-08T12:55:00Z

value	0.05876
scoring_system	epss
scoring_elements	0.9057
published_at	2026-04-09T12:55:00Z

value	0.05876
scoring_system	epss
scoring_elements	0.90579
published_at	2026-04-12T12:55:00Z

value	0.05876
scoring_system	epss
scoring_elements	0.90573
published_at	2026-04-13T12:55:00Z

value	0.05876
scoring_system	epss
scoring_elements	0.90544
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-2696

reference_url

http://www.securityfocus.com/bid/102701

reference_id

102701

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:51Z/

url

http://www.securityfocus.com/bid/102701

reference_url

http://www.securitytracker.com/id/1040216

reference_id

1040216

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:51Z/

url

http://www.securitytracker.com/id/1040216

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1509475
reference_id	1509475
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1509475

reference_url	https://security.gentoo.org/glsa/201802-04
reference_id	GLSA-201802-04
reference_type
scores
url	https://security.gentoo.org/glsa/201802-04

reference_url

https://access.redhat.com/errata/RHSA-2018:0586

reference_id

RHSA-2018:0586

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:51Z/

url

https://access.redhat.com/errata/RHSA-2018:0586

reference_url

https://access.redhat.com/errata/RHSA-2018:0587

reference_id

RHSA-2018:0587

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:51Z/

url

https://access.redhat.com/errata/RHSA-2018:0587

reference_url

https://usn.ubuntu.com/3537-1/

reference_id

USN-3537-1

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:51Z/

url

https://usn.ubuntu.com/3537-1/

Weaknesses

cwe_id	770
name	Allocation of Resources Without Limits or Throttling
description	The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

Exploits

Severity_range_score 7.5 - 7.5

Exploitability 0.5

Weighted_severity 6.8

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3jgj-ez7d-qbh5

Vulnerability Instance