Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-cg4b-6e8x-q3df
Summaryzsh: buffer overrun in symlinks
Aliases
0
alias CVE-2017-18206
Fixed_packages
0
url pkg:deb/debian/zsh@5.4.1-1?distro=trixie
purl pkg:deb/debian/zsh@5.4.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zsh@5.4.1-1%3Fdistro=trixie
1
url pkg:deb/debian/zsh@5.8-6%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/zsh@5.8-6%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zsh@5.8-6%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/zsh@5.9-4?distro=trixie
purl pkg:deb/debian/zsh@5.9-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zsh@5.9-4%3Fdistro=trixie
3
url pkg:deb/debian/zsh@5.9-8?distro=trixie
purl pkg:deb/debian/zsh@5.9-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zsh@5.9-8%3Fdistro=trixie
4
url pkg:ebuild/app-shells/zsh@5.5
purl pkg:ebuild/app-shells/zsh@5.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-shells/zsh@5.5
Affected_packages
0
url pkg:rpm/redhat/zsh@4.3.11-8?arch=el6
purl pkg:rpm/redhat/zsh@4.3.11-8?arch=el6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8yxh-yjg6-xfee
1
vulnerability VCID-cg4b-6e8x-q3df
2
vulnerability VCID-e99p-x9s7-cbgq
3
vulnerability VCID-uxpx-5d4y-nfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/zsh@4.3.11-8%3Farch=el6
1
url pkg:rpm/redhat/zsh@5.0.2-31?arch=el7
purl pkg:rpm/redhat/zsh@5.0.2-31?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-76vv-2fcf-vuct
1
vulnerability VCID-8yxh-yjg6-xfee
2
vulnerability VCID-cg4b-6e8x-q3df
3
vulnerability VCID-e99p-x9s7-cbgq
4
vulnerability VCID-k4yz-hdfb-q3eu
5
vulnerability VCID-mduk-jw51-9bbn
6
vulnerability VCID-uxpx-5d4y-nfhc
7
vulnerability VCID-yd6c-52h4-p3e2
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/zsh@5.0.2-31%3Farch=el7
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18206.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18206.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-18206
reference_id
reference_type
scores
0
value 0.00396
scoring_system epss
scoring_elements 0.6072
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-18206
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18206
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1549861
reference_id 1549861
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1549861
5
reference_url https://security.gentoo.org/glsa/201805-10
reference_id GLSA-201805-10
reference_type
scores
url https://security.gentoo.org/glsa/201805-10
6
reference_url https://access.redhat.com/errata/RHSA-2018:1932
reference_id RHSA-2018:1932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1932
7
reference_url https://access.redhat.com/errata/RHSA-2018:3073
reference_id RHSA-2018:3073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3073
8
reference_url https://usn.ubuntu.com/3593-1/
reference_id USN-3593-1
reference_type
scores
url https://usn.ubuntu.com/3593-1/
Weaknesses
0
cwe_id 120
name Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
description The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
1
cwe_id 121
name Stack-based Buffer Overflow
description A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Exploits
Severity_range_score5.3 - 7.5
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-cg4b-6e8x-q3df