Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-uv2e-h2ju-2fgj
Summaryzabbix: Zabbix: Authenticated Super Admin can read arbitrary files via oauth.authorize action
Aliases
0
alias CVE-2025-27232
Fixed_packages
0
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=armv7&distroversion=v3.23&reponame=community
1
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=s390x&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=s390x&distroversion=v3.23&reponame=community
2
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=loongarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=loongarch64&distroversion=edge&reponame=community
3
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=aarch64&distroversion=edge&reponame=community
4
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=armv7&distroversion=edge&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=armv7&distroversion=edge&reponame=community
5
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=ppc64le&distroversion=edge&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=ppc64le&distroversion=edge&reponame=community
6
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=riscv64&distroversion=edge&reponame=community
7
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=s390x&distroversion=edge&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=s390x&distroversion=edge&reponame=community
8
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=x86&distroversion=edge&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=x86&distroversion=edge&reponame=community
9
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=x86_64&distroversion=edge&reponame=community
10
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=aarch64&distroversion=v3.23&reponame=community
11
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=armhf&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=armhf&distroversion=v3.23&reponame=community
12
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community
13
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
14
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=riscv64&distroversion=v3.23&reponame=community
15
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=x86&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=x86&distroversion=v3.23&reponame=community
16
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=x86_64&distroversion=v3.23&reponame=community
17
url pkg:apk/alpine/zabbix@7.4.3-r0?arch=armhf&distroversion=edge&reponame=community
purl pkg:apk/alpine/zabbix@7.4.3-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zabbix@7.4.3-r0%3Farch=armhf&distroversion=edge&reponame=community
18
url pkg:deb/debian/zabbix@0?distro=trixie
purl pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie
19
url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5nmy-hdh8-xbg1
1
vulnerability VCID-cdyd-79m9-pyhv
2
vulnerability VCID-dej6-dxbp-a3bt
3
vulnerability VCID-fxqr-51kp-3ber
4
vulnerability VCID-qzp5-px2f-vqc8
5
vulnerability VCID-qzzk-mcfu-sfhv
6
vulnerability VCID-r8yr-aet5-yydn
7
vulnerability VCID-s1mb-1gsj-pbed
8
vulnerability VCID-uh37-bv9z-1bdz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie
20
url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-172p-q6d5-9ya3
1
vulnerability VCID-1xr6-n296-cyfd
2
vulnerability VCID-3g1d-2tvh-akh4
3
vulnerability VCID-3qru-uxsd-e3c8
4
vulnerability VCID-464s-8ex9-kqdz
5
vulnerability VCID-4s92-5es4-yka5
6
vulnerability VCID-4uxg-fxv7-rua8
7
vulnerability VCID-547a-p94b-6fep
8
vulnerability VCID-5nmy-hdh8-xbg1
9
vulnerability VCID-5s7j-6aea-qucr
10
vulnerability VCID-5t3e-bfve-d3he
11
vulnerability VCID-673b-qsd3-e3hz
12
vulnerability VCID-6u3x-x7qt-g3fa
13
vulnerability VCID-76qf-8jm4-8kct
14
vulnerability VCID-7bzf-3c9x-8qc4
15
vulnerability VCID-7f3g-hebk-3qad
16
vulnerability VCID-7yp1-231f-a3eq
17
vulnerability VCID-9jfn-6nvg-a3b6
18
vulnerability VCID-9z8h-gg7t-b7f8
19
vulnerability VCID-aetr-jrab-6fg5
20
vulnerability VCID-b8tm-2187-wkhz
21
vulnerability VCID-batr-txtv-s3cf
22
vulnerability VCID-cdyd-79m9-pyhv
23
vulnerability VCID-cuqx-wxkd-nffa
24
vulnerability VCID-d7uk-h423-77f5
25
vulnerability VCID-dej6-dxbp-a3bt
26
vulnerability VCID-ftt2-5jnt-9ye2
27
vulnerability VCID-fxqr-51kp-3ber
28
vulnerability VCID-gp3f-yz9h-eqax
29
vulnerability VCID-gyqk-zsww-ykdj
30
vulnerability VCID-kx3g-p2zj-duaj
31
vulnerability VCID-mhx5-hcg2-wfc4
32
vulnerability VCID-n5md-76wa-dbaa
33
vulnerability VCID-nrkb-pzcu-8ueg
34
vulnerability VCID-nyhx-57xy-wugc
35
vulnerability VCID-psak-h1x6-1kca
36
vulnerability VCID-qzp5-px2f-vqc8
37
vulnerability VCID-qzzk-mcfu-sfhv
38
vulnerability VCID-r65p-6wkq-sfb9
39
vulnerability VCID-r8yr-aet5-yydn
40
vulnerability VCID-ry8x-mjbp-qqct
41
vulnerability VCID-s1mb-1gsj-pbed
42
vulnerability VCID-sudd-unuw-wqa9
43
vulnerability VCID-uh37-bv9z-1bdz
44
vulnerability VCID-uxdf-6tyd-rucd
45
vulnerability VCID-vkfp-asar-7bhw
46
vulnerability VCID-wczj-cv1m-7qce
47
vulnerability VCID-zc7p-7yts-5yae
48
vulnerability VCID-zrfp-skzu-cbet
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie
21
url pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie
22
url pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27232.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27232.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27232
reference_id
reference_type
scores
0
value 0.00048
scoring_system epss
scoring_elements 0.15
published_at 2026-04-02T12:55:00Z
1
value 0.00048
scoring_system epss
scoring_elements 0.14799
published_at 2026-04-18T12:55:00Z
2
value 0.00048
scoring_system epss
scoring_elements 0.14892
published_at 2026-04-13T12:55:00Z
3
value 0.00048
scoring_system epss
scoring_elements 0.14792
published_at 2026-04-16T12:55:00Z
4
value 0.00048
scoring_system epss
scoring_elements 0.15078
published_at 2026-04-04T12:55:00Z
5
value 0.00048
scoring_system epss
scoring_elements 0.14882
published_at 2026-04-07T12:55:00Z
6
value 0.00048
scoring_system epss
scoring_elements 0.14971
published_at 2026-04-08T12:55:00Z
7
value 0.00048
scoring_system epss
scoring_elements 0.15022
published_at 2026-04-09T12:55:00Z
8
value 0.00048
scoring_system epss
scoring_elements 0.14986
published_at 2026-04-11T12:55:00Z
9
value 0.00048
scoring_system epss
scoring_elements 0.1495
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27232
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2417984
reference_id 2417984
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2417984
3
reference_url https://support.zabbix.com/browse/ZBX-27282
reference_id ZBX-27282
reference_type
scores
0
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T14:38:44Z/
url https://support.zabbix.com/browse/ZBX-27282
Weaknesses
0
cwe_id 918
name Server-Side Request Forgery (SSRF)
description The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Exploits
Severity_range_score6.8 - 6.8
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-uv2e-h2ju-2fgj