Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-cjwc-3fs8-17ef
Summarylibsoup: libsoup: HTTP Request Smuggling via malformed chunk headers
Aliases
0
alias CVE-2026-1801
Fixed_packages
0
url pkg:deb/debian/libsoup3@3.6.5-8?distro=trixie
purl pkg:deb/debian/libsoup3@3.6.5-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-8%3Fdistro=trixie
1
url pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie
2
url pkg:deb/debian/libsoup3@3.6.6-1
purl pkg:deb/debian/libsoup3@3.6.6-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1
Affected_packages
0
url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2
purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vz1-x5py-dkg5
1
vulnerability VCID-3zqd-pcvp-a7ed
2
vulnerability VCID-4scr-ppqy-5ugf
3
vulnerability VCID-6sbg-fgfs-43b6
4
vulnerability VCID-7hhg-3u9v-nqfw
5
vulnerability VCID-9uua-rxjd-fkf6
6
vulnerability VCID-cjwc-3fs8-17ef
7
vulnerability VCID-dnrq-3tff-nfc3
8
vulnerability VCID-ka6q-xta6-ukdp
9
vulnerability VCID-mxjn-d8v7-8ubc
10
vulnerability VCID-nbx2-3qh6-tqa3
11
vulnerability VCID-nu2x-tpra-4few
12
vulnerability VCID-rd74-1427-eybf
13
vulnerability VCID-sabm-gujq-j3fb
14
vulnerability VCID-sccj-juvj-5ud5
15
vulnerability VCID-tpky-j79x-pqd4
16
vulnerability VCID-v11f-c1ed-j7d1
17
vulnerability VCID-vsry-jr8n-zba8
18
vulnerability VCID-yx68-81fu-ffar
19
vulnerability VCID-zhp7-2ks9-m7es
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2
1
url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vz1-x5py-dkg5
1
vulnerability VCID-3zqd-pcvp-a7ed
2
vulnerability VCID-4scr-ppqy-5ugf
3
vulnerability VCID-6sbg-fgfs-43b6
4
vulnerability VCID-7hhg-3u9v-nqfw
5
vulnerability VCID-9uua-rxjd-fkf6
6
vulnerability VCID-cjwc-3fs8-17ef
7
vulnerability VCID-dnrq-3tff-nfc3
8
vulnerability VCID-ka6q-xta6-ukdp
9
vulnerability VCID-mxjn-d8v7-8ubc
10
vulnerability VCID-nbx2-3qh6-tqa3
11
vulnerability VCID-nu2x-tpra-4few
12
vulnerability VCID-rd74-1427-eybf
13
vulnerability VCID-sabm-gujq-j3fb
14
vulnerability VCID-sccj-juvj-5ud5
15
vulnerability VCID-tpky-j79x-pqd4
16
vulnerability VCID-v11f-c1ed-j7d1
17
vulnerability VCID-vsry-jr8n-zba8
18
vulnerability VCID-yx68-81fu-ffar
19
vulnerability VCID-zhp7-2ks9-m7es
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie
2
url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie
purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vz1-x5py-dkg5
1
vulnerability VCID-3zqd-pcvp-a7ed
2
vulnerability VCID-6sbg-fgfs-43b6
3
vulnerability VCID-cjwc-3fs8-17ef
4
vulnerability VCID-dnrq-3tff-nfc3
5
vulnerability VCID-ka6q-xta6-ukdp
6
vulnerability VCID-mxjn-d8v7-8ubc
7
vulnerability VCID-nbx2-3qh6-tqa3
8
vulnerability VCID-nu2x-tpra-4few
9
vulnerability VCID-sccj-juvj-5ud5
10
vulnerability VCID-tpky-j79x-pqd4
11
vulnerability VCID-vsry-jr8n-zba8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie
3
url pkg:deb/debian/libsoup3@3.6.5-3
purl pkg:deb/debian/libsoup3@3.6.5-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vz1-x5py-dkg5
1
vulnerability VCID-3zqd-pcvp-a7ed
2
vulnerability VCID-6sbg-fgfs-43b6
3
vulnerability VCID-cjwc-3fs8-17ef
4
vulnerability VCID-dnrq-3tff-nfc3
5
vulnerability VCID-ka6q-xta6-ukdp
6
vulnerability VCID-mxjn-d8v7-8ubc
7
vulnerability VCID-nbx2-3qh6-tqa3
8
vulnerability VCID-nu2x-tpra-4few
9
vulnerability VCID-sccj-juvj-5ud5
10
vulnerability VCID-tpky-j79x-pqd4
11
vulnerability VCID-vsry-jr8n-zba8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1801.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1801.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1801
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08383
published_at 2026-04-21T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.0836
published_at 2026-04-12T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08343
published_at 2026-04-13T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08236
published_at 2026-04-16T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08222
published_at 2026-04-18T12:55:00Z
5
value 0.00038
scoring_system epss
scoring_elements 0.11316
published_at 2026-04-02T12:55:00Z
6
value 0.00038
scoring_system epss
scoring_elements 0.11376
published_at 2026-04-04T12:55:00Z
7
value 0.00038
scoring_system epss
scoring_elements 0.1118
published_at 2026-04-07T12:55:00Z
8
value 0.00038
scoring_system epss
scoring_elements 0.1126
published_at 2026-04-08T12:55:00Z
9
value 0.00038
scoring_system epss
scoring_elements 0.11315
published_at 2026-04-09T12:55:00Z
10
value 0.00038
scoring_system epss
scoring_elements 0.1132
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1801
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1801
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436315
reference_id 2436315
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T20:40:42Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2436315
5
reference_url https://gitlab.gnome.org/GNOME/libsoup/-/issues/481
reference_id 481
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T20:40:42Z/
url https://gitlab.gnome.org/GNOME/libsoup/-/issues/481
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
11
reference_url https://access.redhat.com/security/cve/CVE-2026-1801
reference_id CVE-2026-1801
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T20:40:42Z/
url https://access.redhat.com/security/cve/CVE-2026-1801
Weaknesses
0
cwe_id 444
name Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
description The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.
Exploits
Severity_range_score5.3 - 5.3
Exploitability0.5
Weighted_severity4.8
Risk_score2.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-cjwc-3fs8-17ef