Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-gvgx-eq9r-d3d2

Summary

Multiple vulnerabilities have been found in Python, the worst of
    which could result in the arbitrary execution of code.

Aliases

alias	CVE-2020-26116

Fixed_packages

url	pkg:deb/debian/pypy3@7.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/pypy3@7.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.3%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2

purl pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29cz-9gkc-1bfx

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-2v5u-2z4w-ffgx

vulnerability	VCID-4gsg-5e6s-63g4

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-7ka5-7jrn-dber

vulnerability	VCID-7s7y-9bw5-m3ep

vulnerability	VCID-8hug-fhhb-sbgt

vulnerability	VCID-9nvp-aus1-9yed

vulnerability	VCID-9sms-mhht-n3aq

vulnerability	VCID-a8mv-mr3q-vygz

vulnerability	VCID-bqp2-x383-xqfh

vulnerability	VCID-dexx-3ssz-nqfg

vulnerability	VCID-e6rs-jwvu-jycd

vulnerability	VCID-e6sb-bh7v-9ugg

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-h7z2-vc14-nfhq

vulnerability	VCID-js5p-py72-2kga

vulnerability	VCID-qqh6-evfk-1fgy

vulnerability	VCID-qwhz-912b-8kh5

vulnerability	VCID-smck-sdx2-c7du

vulnerability	VCID-tbuw-2msj-tqd9

vulnerability	VCID-v186-7sv1-ubej

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-znkr-fxtj-4uc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2

url pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2v5u-2z4w-ffgx

vulnerability	VCID-8hug-fhhb-sbgt

vulnerability	VCID-a8mv-mr3q-vygz

vulnerability	VCID-bqp2-x383-xqfh

vulnerability	VCID-qwhz-912b-8kh5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/pypy3@7.3.11%2Bdfsg-2%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/pypy3@7.3.11%2Bdfsg-2%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hw3-vhwb-nkcd

vulnerability	VCID-2v5u-2z4w-ffgx

vulnerability	VCID-4afh-28ss-mudf

vulnerability	VCID-757r-fs6p-qqdd

vulnerability	VCID-7s7y-9bw5-m3ep

vulnerability	VCID-8dtv-379a-wqfs

vulnerability	VCID-8zdt-4q7m-t7ht

vulnerability	VCID-9nvp-aus1-9yed

vulnerability	VCID-9sms-mhht-n3aq

vulnerability	VCID-dnv8-yrd6-c7cv

vulnerability	VCID-e6sb-bh7v-9ugg

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-q6g1-cjz3-77e4

vulnerability	VCID-qwhz-912b-8kh5

vulnerability	VCID-smck-sdx2-c7du

vulnerability	VCID-v186-7sv1-ubej

vulnerability	VCID-znkr-fxtj-4uc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.11%252Bdfsg-2%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/pypy3@7.3.19%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/pypy3@7.3.19%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hw3-vhwb-nkcd

vulnerability	VCID-4afh-28ss-mudf

vulnerability	VCID-757r-fs6p-qqdd

vulnerability	VCID-8dtv-379a-wqfs

vulnerability	VCID-8zdt-4q7m-t7ht

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-q6g1-cjz3-77e4

vulnerability	VCID-znkr-fxtj-4uc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.19%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie

purl pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8dtv-379a-wqfs

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-znkr-fxtj-4uc7

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie

url	pkg:deb/debian/python3.9@3.9.0~b5-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.0~b5-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.0~b5-1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

url	pkg:ebuild/dev-lang/python@2.7.18-r6
purl	pkg:ebuild/dev-lang/python@2.7.18-r6
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@2.7.18-r6

url	pkg:ebuild/dev-lang/python@3.6.12-r2
purl	pkg:ebuild/dev-lang/python@3.6.12-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.6.12-r2

url	pkg:ebuild/dev-lang/python@3.7.9-r2
purl	pkg:ebuild/dev-lang/python@3.7.9-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.7.9-r2

url	pkg:ebuild/dev-lang/python@3.8.7-r1
purl	pkg:ebuild/dev-lang/python@3.8.7-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.7-r1

url	pkg:ebuild/dev-lang/python@3.9.1-r1
purl	pkg:ebuild/dev-lang/python@3.9.1-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.1-r1

Affected_packages

url pkg:deb/debian/pypy3@7.0.0%2Bdfsg-3

purl pkg:deb/debian/pypy3@7.0.0%2Bdfsg-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29cz-9gkc-1bfx

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2j3t-a3r6-vfg7

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4gsg-5e6s-63g4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-7ka5-7jrn-dber

vulnerability	VCID-7nj2-94zp-d3bp

vulnerability	VCID-7s7y-9bw5-m3ep

vulnerability	VCID-8a7h-5rn5-gubx

vulnerability	VCID-9nvp-aus1-9yed

vulnerability	VCID-9sms-mhht-n3aq

vulnerability	VCID-ct6h-d1eh-7bgj

vulnerability	VCID-dexx-3ssz-nqfg

vulnerability	VCID-e6rs-jwvu-jycd

vulnerability	VCID-e6sb-bh7v-9ugg

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-ewbq-2gm8-tyf5

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-h7z2-vc14-nfhq

vulnerability	VCID-j8hj-k7wy-yfch

vulnerability	VCID-js5p-py72-2kga

vulnerability	VCID-qqh6-evfk-1fgy

vulnerability	VCID-smck-sdx2-c7du

vulnerability	VCID-tbuw-2msj-tqd9

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v186-7sv1-ubej

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-znkr-fxtj-4uc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.0.0%252Bdfsg-3

url pkg:rpm/redhat/python@2.7.5-92?arch=el7_9

purl pkg:rpm/redhat/python@2.7.5-92?arch=el7_9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-gxkt-bvtg-gbaj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python@2.7.5-92%3Farch=el7_9

url pkg:rpm/redhat/python27-python@2.7.18-2?arch=el7

purl pkg:rpm/redhat/python27-python@2.7.18-2?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-vrnn-n6vw-gygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python27-python@2.7.18-2%3Farch=el7

url pkg:rpm/redhat/python27-python-pip@8.1.2-6?arch=el7

purl pkg:rpm/redhat/python27-python-pip@8.1.2-6?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-vrnn-n6vw-gygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python27-python-pip@8.1.2-6%3Farch=el7

url pkg:rpm/redhat/python27-python-virtualenv@13.1.0-4?arch=el7

purl pkg:rpm/redhat/python27-python-virtualenv@13.1.0-4?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-vrnn-n6vw-gygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python27-python-virtualenv@13.1.0-4%3Farch=el7

url pkg:rpm/redhat/python3@3.6.8-24?arch=el8_2

purl pkg:rpm/redhat/python3@3.6.8-24?arch=el8_2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gvgx-eq9r-d3d2

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3@3.6.8-24%3Farch=el8_2

url pkg:rpm/redhat/python3@3.6.8-37?arch=el8

purl pkg:rpm/redhat/python3@3.6.8-37?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8a7h-5rn5-gubx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-w6k8-js68-87g4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3@3.6.8-37%3Farch=el8

url pkg:rpm/redhat/rh-python36-python@3.6.12-1?arch=el6

purl pkg:rpm/redhat/rh-python36-python@3.6.12-1?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-efdj-sb7s-p3fk

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vrnn-n6vw-gygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python36-python@3.6.12-1%3Farch=el6

url pkg:rpm/redhat/rh-python36-python@3.6.12-1?arch=el7

purl pkg:rpm/redhat/rh-python36-python@3.6.12-1?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-efdj-sb7s-p3fk

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vrnn-n6vw-gygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python36-python@3.6.12-1%3Farch=el7

url pkg:rpm/redhat/rh-python36-python-pip@9.0.1-5?arch=el6

purl pkg:rpm/redhat/rh-python36-python-pip@9.0.1-5?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-efdj-sb7s-p3fk

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vrnn-n6vw-gygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python36-python-pip@9.0.1-5%3Farch=el6

url pkg:rpm/redhat/rh-python36-python-pip@9.0.1-5?arch=el7

purl pkg:rpm/redhat/rh-python36-python-pip@9.0.1-5?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-efdj-sb7s-p3fk

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vrnn-n6vw-gygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python36-python-pip@9.0.1-5%3Farch=el7

url pkg:rpm/redhat/rh-python36-python-virtualenv@15.1.0-3?arch=el6

purl pkg:rpm/redhat/rh-python36-python-virtualenv@15.1.0-3?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-efdj-sb7s-p3fk

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vrnn-n6vw-gygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python36-python-virtualenv@15.1.0-3%3Farch=el6

url pkg:rpm/redhat/rh-python36-python-virtualenv@15.1.0-3?arch=el7

purl pkg:rpm/redhat/rh-python36-python-virtualenv@15.1.0-3?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-efdj-sb7s-p3fk

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vrnn-n6vw-gygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python36-python-virtualenv@15.1.0-3%3Farch=el7

url pkg:rpm/redhat/rh-python38-python@3.8.6-1?arch=el7

purl pkg:rpm/redhat/rh-python38-python@3.8.6-1?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-efdj-sb7s-p3fk

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-gxkt-bvtg-gbaj

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v7cw-w79c-zfbh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python38-python@3.8.6-1%3Farch=el7

url pkg:rpm/redhat/rh-python38-python-psutil@5.6.4-5?arch=el7

purl pkg:rpm/redhat/rh-python38-python-psutil@5.6.4-5?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-efdj-sb7s-p3fk

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-gxkt-bvtg-gbaj

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v7cw-w79c-zfbh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python38-python-psutil@5.6.4-5%3Farch=el7

url pkg:rpm/redhat/rh-python38-python-urllib3@1.25.7-6?arch=el7

purl pkg:rpm/redhat/rh-python38-python-urllib3@1.25.7-6?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-efdj-sb7s-p3fk

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-gxkt-bvtg-gbaj

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v7cw-w79c-zfbh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python38-python-urllib3@1.25.7-6%3Farch=el7

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26116.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26116.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-26116

reference_id

reference_type

scores

value	0.00903
scoring_system	epss
scoring_elements	0.75643
published_at	2026-04-01T12:55:00Z

value	0.00903
scoring_system	epss
scoring_elements	0.75645
published_at	2026-04-02T12:55:00Z

value	0.00903
scoring_system	epss
scoring_elements	0.75676
published_at	2026-04-04T12:55:00Z

value	0.00903
scoring_system	epss
scoring_elements	0.75655
published_at	2026-04-07T12:55:00Z

value	0.00903
scoring_system	epss
scoring_elements	0.7569
published_at	2026-04-08T12:55:00Z

value	0.00903
scoring_system	epss
scoring_elements	0.75706
published_at	2026-04-12T12:55:00Z

value	0.00903
scoring_system	epss
scoring_elements	0.75699
published_at	2026-04-13T12:55:00Z

value	0.00903
scoring_system	epss
scoring_elements	0.757
published_at	2026-04-09T12:55:00Z

value	0.00903
scoring_system	epss
scoring_elements	0.75725
published_at	2026-04-11T12:55:00Z

value	0.01017
scoring_system	epss
scoring_elements	0.7722
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-26116

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26116
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26116

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1883014
reference_id	1883014
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1883014

reference_url	https://security.gentoo.org/glsa/202101-18
reference_id	GLSA-202101-18
reference_type
scores
url	https://security.gentoo.org/glsa/202101-18

reference_url	https://access.redhat.com/errata/RHSA-2020:4273
reference_id	RHSA-2020:4273
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4273

reference_url	https://access.redhat.com/errata/RHSA-2020:4285
reference_id	RHSA-2020:4285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4285

reference_url	https://access.redhat.com/errata/RHSA-2020:4299
reference_id	RHSA-2020:4299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4299

reference_url	https://access.redhat.com/errata/RHSA-2021:1633
reference_id	RHSA-2021:1633
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1633

reference_url	https://access.redhat.com/errata/RHSA-2021:1761
reference_id	RHSA-2021:1761
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1761

reference_url	https://access.redhat.com/errata/RHSA-2021:1879
reference_id	RHSA-2021:1879
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1879

reference_url	https://access.redhat.com/errata/RHSA-2021:3366
reference_id	RHSA-2021:3366
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3366

reference_url	https://access.redhat.com/errata/RHSA-2022:5235
reference_id	RHSA-2022:5235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5235

reference_url	https://usn.ubuntu.com/4581-1/
reference_id	USN-4581-1
reference_type
scores
url	https://usn.ubuntu.com/4581-1/

reference_url	https://usn.ubuntu.com/4754-3/
reference_id	USN-4754-3
reference_type
scores
url	https://usn.ubuntu.com/4754-3/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

Weaknesses

cwe_id	113
name	Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
description	The product receives data from an HTTP agent/component (e.g., web server, proxy, browser, etc.), but it does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.

Exploits

Severity_range_score 6.5 - 6.8

Exploitability 0.5

Weighted_severity 5.9

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gvgx-eq9r-d3d2

Vulnerability Instance