Look up vulnerabilities affecting packages.

Vulnerability_id VCID-dxhw-y156-2kfz
Summary
Kubernetes API Server DoS Via API Requests
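The Kubernetes API server component in Kubernetes versions prior to 1.15.9, versions 1.16.0 through 1.16.6, and versions 1.17.0 through 1.17.2 is vulnerable to a denial of service attack via successful API requests. The fixed Go module releases listed in this record are k8s.io/apiserver 0.15.10, 0.16.7 and 0.17.3.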
Aliases
0
alias CVE-2020-8552
1
alias GHSA-82hx-w2r5-c2wq
Fixed_packages
0
url pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie
1
url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie
purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42kp-8t9h-dfat
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie
2
url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie
5
url pkg:golang/k8s.io/apiserver@0.15.10
purl pkg:golang/k8s.io/apiserver@0.15.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/k8s.io/apiserver@0.15.10
6
url pkg:golang/k8s.io/apiserver@0.16.7
purl pkg:golang/k8s.io/apiserver@0.16.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/k8s.io/apiserver@0.16.7
7
url pkg:golang/k8s.io/apiserver@0.17.3
purl pkg:golang/k8s.io/apiserver@0.17.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/k8s.io/apiserver@0.17.3
Affected_packages
0
url pkg:rpm/redhat/atomic-enterprise-service-catalog@1:3.11.219-1.git.1.717017c?arch=el7
purl pkg:rpm/redhat/atomic-enterprise-service-catalog@1:3.11.219-1.git.1.717017c?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/atomic-enterprise-service-catalog@1:3.11.219-1.git.1.717017c%3Farch=el7
1
url pkg:rpm/redhat/atomic-openshift@3.11.219-1.git.0.0c21387?arch=el7
purl pkg:rpm/redhat/atomic-openshift@3.11.219-1.git.0.0c21387?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/atomic-openshift@3.11.219-1.git.0.0c21387%3Farch=el7
2
url pkg:rpm/redhat/atomic-openshift@3.11.248-1.git.0.92ee8ac?arch=el7
purl pkg:rpm/redhat/atomic-openshift@3.11.248-1.git.0.92ee8ac?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
1
vulnerability VCID-tc46-9vdm-xudz
2
vulnerability VCID-vfxz-vfmr-w3d1
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/atomic-openshift@3.11.248-1.git.0.92ee8ac%3Farch=el7
3
url pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.219-1.git.1.1ad3e34?arch=el7
purl pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.219-1.git.1.1ad3e34?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.219-1.git.1.1ad3e34%3Farch=el7
4
url pkg:rpm/redhat/atomic-openshift-descheduler@3.11.219-1.git.1.7e5b9ee?arch=el7
purl pkg:rpm/redhat/atomic-openshift-descheduler@3.11.219-1.git.1.7e5b9ee?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/atomic-openshift-descheduler@3.11.219-1.git.1.7e5b9ee%3Farch=el7
5
url pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.219-1.git.1.8323991?arch=el7
purl pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.219-1.git.1.8323991?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.219-1.git.1.8323991%3Farch=el7
6
url pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.219-1.git.1.6fe54fb?arch=el7
purl pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.219-1.git.1.6fe54fb?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.219-1.git.1.6fe54fb%3Farch=el7
7
url pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.219-1.git.1.5ae8753?arch=el7
purl pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.219-1.git.1.5ae8753?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.219-1.git.1.5ae8753%3Farch=el7
8
url pkg:rpm/redhat/atomic-openshift-service-idler@3.11.219-1.git.1.958cdae?arch=el7
purl pkg:rpm/redhat/atomic-openshift-service-idler@3.11.219-1.git.1.958cdae?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/atomic-openshift-service-idler@3.11.219-1.git.1.958cdae%3Farch=el7
9
url pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.219-1.git.1.076ae14?arch=el7
purl pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.219-1.git.1.076ae14?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.219-1.git.1.076ae14%3Farch=el7
10
url pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.219-1.git.1.9a593f8?arch=el7
purl pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.219-1.git.1.9a593f8?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.219-1.git.1.9a593f8%3Farch=el7
11
url pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.219-1.git.1.7fa9674?arch=el7
purl pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.219-1.git.1.7fa9674?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.219-1.git.1.7fa9674%3Farch=el7
12
url pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.219-1.git.1.3f6e657?arch=el7
purl pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.219-1.git.1.3f6e657?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.219-1.git.1.3f6e657%3Farch=el7
13
url pkg:rpm/redhat/openshift@4.2.29-202004110432.git.0.f7d02c8?arch=el8
purl pkg:rpm/redhat/openshift@4.2.29-202004110432.git.0.f7d02c8?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift@4.2.29-202004110432.git.0.f7d02c8%3Farch=el8
14
url pkg:rpm/redhat/openshift@4.3.9-202003230116.git.0.ebf9a26?arch=el7
purl pkg:rpm/redhat/openshift@4.3.9-202003230116.git.0.ebf9a26?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift@4.3.9-202003230116.git.0.ebf9a26%3Farch=el7
15
url pkg:rpm/redhat/openshift-ansible@3.11.219-1.git.0.8845382?arch=el7
purl pkg:rpm/redhat/openshift-ansible@3.11.219-1.git.0.8845382?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift-ansible@3.11.219-1.git.0.8845382%3Farch=el7
16
url pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.219-1.git.1.c544df9?arch=el7
purl pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.219-1.git.1.c544df9?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.219-1.git.1.c544df9%3Farch=el7
17
url pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.219-1.git.1.ca1ee51?arch=el7
purl pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.219-1.git.1.ca1ee51?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.219-1.git.1.ca1ee51%3Farch=el7
18
url pkg:rpm/redhat/openshift-kuryr@3.11.219-1.git.1.717d59f?arch=el7
purl pkg:rpm/redhat/openshift-kuryr@3.11.219-1.git.1.717d59f?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dxhw-y156-2kfz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift-kuryr@3.11.219-1.git.1.717d59f%3Farch=el7
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8552.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8552.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8552
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22426
published_at 2026-04-21T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.2241
published_at 2026-04-01T12:55:00Z
2
value 0.00074
scoring_system epss
scoring_elements 0.22577
published_at 2026-04-02T12:55:00Z
3
value 0.00074
scoring_system epss
scoring_elements 0.2262
published_at 2026-04-04T12:55:00Z
4
value 0.00074
scoring_system epss
scoring_elements 0.22407
published_at 2026-04-07T12:55:00Z
5
value 0.00074
scoring_system epss
scoring_elements 0.22488
published_at 2026-04-08T12:55:00Z
6
value 0.00074
scoring_system epss
scoring_elements 0.22543
published_at 2026-04-09T12:55:00Z
7
value 0.00074
scoring_system epss
scoring_elements 0.22561
published_at 2026-04-11T12:55:00Z
8
value 0.00074
scoring_system epss
scoring_elements 0.2252
published_at 2026-04-12T12:55:00Z
9
value 0.00074
scoring_system epss
scoring_elements 0.22465
published_at 2026-04-13T12:55:00Z
10
value 0.00074
scoring_system epss
scoring_elements 0.22481
published_at 2026-04-16T12:55:00Z
11
value 0.00074
scoring_system epss
scoring_elements 0.22477
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8552
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8552
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8552
3
reference_url https://github.com/kubernetes/kubernetes/commit/5978856c4c7f10737a11c9540fe60b8475beecbb
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/kubernetes/kubernetes/commit/5978856c4c7f10737a11c9540fe60b8475beecbb
4
reference_url https://github.com/kubernetes/kubernetes/issues/89378
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/kubernetes/kubernetes/issues/89378
5
reference_url https://github.com/kubernetes/kubernetes/pull/87669
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/kubernetes/kubernetes/pull/87669
6
reference_url https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s
reference_id
reference_type
scores
url https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s
7
reference_url https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-8552
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-8552
11
reference_url https://security.netapp.com/advisory/ntap-20200413-0003
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200413-0003
12
reference_url https://security.netapp.com/advisory/ntap-20200413-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200413-0003/
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1797909
reference_id 1797909
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1797909
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
16
reference_url https://access.redhat.com/errata/RHSA-2020:0933
reference_id RHSA-2020:0933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0933
17
reference_url https://access.redhat.com/errata/RHSA-2020:1526
reference_id RHSA-2020:1526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1526
18
reference_url https://access.redhat.com/errata/RHSA-2020:1527
reference_id RHSA-2020:1527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1527
19
reference_url https://access.redhat.com/errata/RHSA-2020:2306
reference_id RHSA-2020:2306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2306
20
reference_url https://access.redhat.com/errata/RHSA-2020:2992
reference_id RHSA-2020:2992
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2992
Weaknesses
0
cwe_id 400
name Uncontrolled Resource Consumption
description The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
1
cwe_id 770
name Allocation of Resources Without Limits or Throttling
description The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
2
cwe_id 789
name Memory Allocation with Excessive Size Value
description The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.
Exploits
Severity_range_score 4.0 - 6.9
Exploitability 0.5
Weighted_severity 6.2
Risk_score 3.1
Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dxhw-y156-2kfz