Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ysee-ywmb-zkep
SummaryMultiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c).
Aliases
0
alias CVE-2006-2458
1
alias GHSA-f836-7jqw-3684
2
alias PYSEC-2006-4
Fixed_packages
0
url pkg:deb/debian/libextractor@0.5.14-1?distro=trixie
purl pkg:deb/debian/libextractor@0.5.14-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@0.5.14-1%3Fdistro=trixie
1
url pkg:deb/debian/libextractor@0.5.16-2
purl pkg:deb/debian/libextractor@0.5.16-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xdm-2dj5-jkc7
1
vulnerability VCID-2auw-wc6u-ekcs
2
vulnerability VCID-3bg1-rwze-kuhw
3
vulnerability VCID-5ymr-xk84-8uh3
4
vulnerability VCID-ahs6-mesc-yqhm
5
vulnerability VCID-bdsg-x852-wfgn
6
vulnerability VCID-kpcg-4av4-gka8
7
vulnerability VCID-kxcz-d7a4-77e8
8
vulnerability VCID-tc8j-82se-qfbk
9
vulnerability VCID-tubv-28uu-2uh8
10
vulnerability VCID-x3k6-yrp9-9ud9
11
vulnerability VCID-xyab-d3gr-zkdw
12
vulnerability VCID-xzye-g5rw-fyh5
13
vulnerability VCID-zd6d-q8xx-zud6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@0.5.16-2
2
url pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
purl pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-2%3Fdistro=trixie
3
url pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
purl pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-7%3Fdistro=trixie
4
url pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
purl pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-8%3Fdistro=trixie
5
url pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
purl pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-10%3Fdistro=trixie
6
url pkg:ebuild/media-libs/libextractor@0.5.14
purl pkg:ebuild/media-libs/libextractor@0.5.14
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/libextractor@0.5.14
Affected_packages
0
url pkg:deb/debian/libextractor@0.4.2-2sarge6
purl pkg:deb/debian/libextractor@0.4.2-2sarge6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xdm-2dj5-jkc7
1
vulnerability VCID-1z9b-trb7-2ubp
2
vulnerability VCID-2auw-wc6u-ekcs
3
vulnerability VCID-3bg1-rwze-kuhw
4
vulnerability VCID-4p26-wkq3-v3b2
5
vulnerability VCID-5q1h-7uk2-nkhx
6
vulnerability VCID-5ymr-xk84-8uh3
7
vulnerability VCID-8uds-zs9k-47en
8
vulnerability VCID-ahs6-mesc-yqhm
9
vulnerability VCID-bdsg-x852-wfgn
10
vulnerability VCID-bkr4-sab1-5ka2
11
vulnerability VCID-durs-kj4r-jbf2
12
vulnerability VCID-fct6-695j-t7bs
13
vulnerability VCID-kgk7-hqby-wkez
14
vulnerability VCID-kpcg-4av4-gka8
15
vulnerability VCID-kxcz-d7a4-77e8
16
vulnerability VCID-mg1z-d7y8-dfaj
17
vulnerability VCID-qayv-8u9a-83h4
18
vulnerability VCID-sv3r-4tym-qua5
19
vulnerability VCID-tc8j-82se-qfbk
20
vulnerability VCID-tubv-28uu-2uh8
21
vulnerability VCID-utex-65f9-53cq
22
vulnerability VCID-wpgs-8fw5-wbhe
23
vulnerability VCID-x3k6-yrp9-9ud9
24
vulnerability VCID-xqh5-sxfb-gueh
25
vulnerability VCID-xyab-d3gr-zkdw
26
vulnerability VCID-xzye-g5rw-fyh5
27
vulnerability VCID-ysee-ywmb-zkep
28
vulnerability VCID-zd6d-q8xx-zud6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@0.4.2-2sarge6
1
url pkg:pypi/extractor@0.5
purl pkg:pypi/extractor@0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ysee-ywmb-zkep
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/extractor@0.5
References
0
reference_url http://gnunet.org/libextractor
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://gnunet.org/libextractor
1
reference_url http://gnunet.org/libextractor/
reference_id
reference_type
scores
url http://gnunet.org/libextractor/
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-2458
reference_id
reference_type
scores
0
value 0.19115
scoring_system epss
scoring_elements 0.95357
published_at 2026-04-18T12:55:00Z
1
value 0.19115
scoring_system epss
scoring_elements 0.95324
published_at 2026-04-04T12:55:00Z
2
value 0.19115
scoring_system epss
scoring_elements 0.95329
published_at 2026-04-07T12:55:00Z
3
value 0.19115
scoring_system epss
scoring_elements 0.95335
published_at 2026-04-08T12:55:00Z
4
value 0.19115
scoring_system epss
scoring_elements 0.95339
published_at 2026-04-09T12:55:00Z
5
value 0.19115
scoring_system epss
scoring_elements 0.95344
published_at 2026-04-12T12:55:00Z
6
value 0.19115
scoring_system epss
scoring_elements 0.95346
published_at 2026-04-13T12:55:00Z
7
value 0.19115
scoring_system epss
scoring_elements 0.95354
published_at 2026-04-16T12:55:00Z
8
value 0.19115
scoring_system epss
scoring_elements 0.95307
published_at 2026-04-01T12:55:00Z
9
value 0.19115
scoring_system epss
scoring_elements 0.95318
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-2458
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2458
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2458
4
reference_url http://secunia.com/advisories/20150
reference_id
reference_type
scores
url http://secunia.com/advisories/20150
5
reference_url http://secunia.com/advisories/20160
reference_id
reference_type
scores
url http://secunia.com/advisories/20160
6
reference_url http://secunia.com/advisories/20326
reference_id
reference_type
scores
url http://secunia.com/advisories/20326
7
reference_url http://secunia.com/advisories/20457
reference_id
reference_type
scores
url http://secunia.com/advisories/20457
8
reference_url http://securityreason.com/securityalert/916
reference_id
reference_type
scores
url http://securityreason.com/securityalert/916
9
reference_url http://securitytracker.com/id?1016118
reference_id
reference_type
scores
url http://securitytracker.com/id?1016118
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/26531
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/26531
11
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/26532
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/26532
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/extractor/PYSEC-2006-4.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/extractor/PYSEC-2006-4.yaml
13
reference_url http://www.debian.org/security/2006/dsa-1081
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2006/dsa-1081
14
reference_url http://www.gentoo.org/security/en/glsa/glsa-200605-14.xml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.gentoo.org/security/en/glsa/glsa-200605-14.xml
15
reference_url http://www.novell.com/linux/security/advisories/2006-06-02.html
reference_id
reference_type
scores
url http://www.novell.com/linux/security/advisories/2006-06-02.html
16
reference_url http://www.securityfocus.com/archive/1/434288/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/434288/100/0/threaded
17
reference_url http://www.securityfocus.com/bid/18021
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/18021
18
reference_url http://www.vupen.com/english/advisories/2006/1848
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2006/1848
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2006-2458
reference_id CVE-2006-2458
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2006-2458
20
reference_url https://github.com/advisories/GHSA-f836-7jqw-3684
reference_id GHSA-f836-7jqw-3684
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f836-7jqw-3684
21
reference_url https://security.gentoo.org/glsa/200605-14
reference_id GLSA-200605-14
reference_type
scores
url https://security.gentoo.org/glsa/200605-14
22
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/1801.txt
reference_id OSVDB-25664;CVE-2006-2458;OSVDB-25663
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/1801.txt
Weaknesses
0
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
0
date_added 2006-05-16
description libextractor 0.5.13 - Multiple Heap Overflows (PoC)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2006-05-17
exploit_type dos
platform multiple
source_date_updated 2016-07-29
data_source Exploit-DB
source_url
Severity_range_score4.0 - 6.9
Exploitability2.0
Weighted_severity6.2
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ysee-ywmb-zkep