Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-6a6z-bq7m-c3gf
Summarycrypto/x509: Panic in name constraint checking for malformed certificates in crypto/x509
Aliases
0
alias CVE-2026-27138
Fixed_packages
0
url pkg:apk/alpine/go@1.25.8-r0?arch=loongarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/go@1.25.8-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=loongarch64&distroversion=edge&reponame=community
1
url pkg:apk/alpine/go@1.25.8-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/go@1.25.8-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=aarch64&distroversion=edge&reponame=community
2
url pkg:apk/alpine/go@1.25.8-r0?arch=armhf&distroversion=edge&reponame=community
purl pkg:apk/alpine/go@1.25.8-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=armhf&distroversion=edge&reponame=community
3
url pkg:apk/alpine/go@1.25.8-r0?arch=armv7&distroversion=edge&reponame=community
purl pkg:apk/alpine/go@1.25.8-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=armv7&distroversion=edge&reponame=community
4
url pkg:apk/alpine/go@1.25.8-r0?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/go@1.25.8-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=riscv64&distroversion=edge&reponame=community
5
url pkg:apk/alpine/go@1.25.8-r0?arch=x86&distroversion=edge&reponame=community
purl pkg:apk/alpine/go@1.25.8-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=x86&distroversion=edge&reponame=community
6
url pkg:apk/alpine/go@1.25.8-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/go@1.25.8-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=x86_64&distroversion=edge&reponame=community
7
url pkg:apk/alpine/go@1.25.8-r0?arch=ppc64le&distroversion=edge&reponame=community
purl pkg:apk/alpine/go@1.25.8-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=ppc64le&distroversion=edge&reponame=community
8
url pkg:apk/alpine/go@1.25.8-r0?arch=s390x&distroversion=edge&reponame=community
purl pkg:apk/alpine/go@1.25.8-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=s390x&distroversion=edge&reponame=community
9
url pkg:deb/debian/golang-1.15@0?distro=bullseye
purl pkg:deb/debian/golang-1.15@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.15@0%3Fdistro=bullseye
10
url pkg:deb/debian/golang-1.15@1.15.15-1~deb11u4?distro=bullseye
purl pkg:deb/debian/golang-1.15@1.15.15-1~deb11u4?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.15@1.15.15-1~deb11u4%3Fdistro=bullseye
11
url pkg:deb/debian/golang-1.19@0?distro=bookworm
purl pkg:deb/debian/golang-1.19@0?distro=bookworm
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm
12
url pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm
purl pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm
13
url pkg:deb/debian/golang-1.24@0?distro=trixie
purl pkg:deb/debian/golang-1.24@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.24@0%3Fdistro=trixie
14
url pkg:deb/debian/golang-1.24@1.24.4-1?distro=trixie
purl pkg:deb/debian/golang-1.24@1.24.4-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1aty-87pz-5yb8
1
vulnerability VCID-254d-pjst-c7hx
2
vulnerability VCID-3nqb-6mna-jyb4
3
vulnerability VCID-5n8q-zcds-gyen
4
vulnerability VCID-5q9b-a7c4-1yht
5
vulnerability VCID-7n3z-vwk2-3ydr
6
vulnerability VCID-9ky3-s2vk-cuge
7
vulnerability VCID-br2f-7ux9-hkhg
8
vulnerability VCID-bv1f-bee8-cbek
9
vulnerability VCID-csmt-e61b-tued
10
vulnerability VCID-dp1t-v58b-43du
11
vulnerability VCID-dtt9-gmqf-nbaf
12
vulnerability VCID-eyev-qpgs-hfbx
13
vulnerability VCID-hay4-q9m3-ekdj
14
vulnerability VCID-je6z-v5qw-ufew
15
vulnerability VCID-mvsr-c2yh-mbdq
16
vulnerability VCID-q9yj-ze4x-qyfr
17
vulnerability VCID-rvbr-nser-sfe7
18
vulnerability VCID-sb3w-x3yv-ffft
19
vulnerability VCID-t2dr-6dz3-7qgt
20
vulnerability VCID-usyf-s559-pkgx
21
vulnerability VCID-wchc-as62-1fae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.24@1.24.4-1%3Fdistro=trixie
15
url pkg:deb/debian/golang-1.24@1.24.13-2?distro=trixie
purl pkg:deb/debian/golang-1.24@1.24.13-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.24@1.24.13-2%3Fdistro=trixie
16
url pkg:deb/debian/golang-1.25@0?distro=sid
purl pkg:deb/debian/golang-1.25@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@0%3Fdistro=sid
17
url pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid
purl pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-245f-jhkn-w3ck
1
vulnerability VCID-91yp-p6st-8ucd
2
vulnerability VCID-ju53-xpej-3qca
3
vulnerability VCID-s176-xcrb-e3ea
4
vulnerability VCID-svbs-h3y5-wfbn
5
vulnerability VCID-t19m-gs1u-rbfp
6
vulnerability VCID-tf52-aa91-4kf3
7
vulnerability VCID-tmb1-tq9e-puhd
8
vulnerability VCID-vw1r-8zev-ykf4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid
18
url pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid
purl pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid
19
url pkg:deb/debian/golang-1.26@1.26.1-1?distro=sid
purl pkg:deb/debian/golang-1.26@1.26.1-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-245f-jhkn-w3ck
1
vulnerability VCID-91yp-p6st-8ucd
2
vulnerability VCID-gtys-5r5h-p7ht
3
vulnerability VCID-ju53-xpej-3qca
4
vulnerability VCID-s176-xcrb-e3ea
5
vulnerability VCID-svbs-h3y5-wfbn
6
vulnerability VCID-t19m-gs1u-rbfp
7
vulnerability VCID-tf52-aa91-4kf3
8
vulnerability VCID-tmb1-tq9e-puhd
9
vulnerability VCID-vw1r-8zev-ykf4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.1-1%3Fdistro=sid
20
url pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid
purl pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27138
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05245
published_at 2026-04-04T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05215
published_at 2026-04-02T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05741
published_at 2026-04-16T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05749
published_at 2026-04-18T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05788
published_at 2026-04-08T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05813
published_at 2026-04-09T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05792
published_at 2026-04-11T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05784
published_at 2026-04-12T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05778
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27138
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445344
reference_id 2445344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445344
4
reference_url https://go.dev/cl/752183
reference_id 752183
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/
url https://go.dev/cl/752183
5
reference_url https://go.dev/issue/77953
reference_id 77953
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/
url https://go.dev/issue/77953
6
reference_url https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
reference_id EdhZqrQ98hk
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/
url https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
7
reference_url https://pkg.go.dev/vuln/GO-2026-4600
reference_id GO-2026-4600
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/
url https://pkg.go.dev/vuln/GO-2026-4600
Weaknesses
0
cwe_id 295
name Improper Certificate Validation
description The product does not validate, or incorrectly validates, a certificate.
1
cwe_id 1285
name Improper Validation of Specified Index, Position, or Offset in Input
description The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.
Exploits
Severity_range_score3.7 - 7.5
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-6a6z-bq7m-c3gf