Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-gagk-z8js-9kgm

Summary security update

Aliases

alias	CVE-2017-15576

Fixed_packages

url	pkg:deb/debian/redmine@3.3.1-4%2Bdeb9u3
purl	pkg:deb/debian/redmine@3.3.1-4%2Bdeb9u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@3.3.1-4%252Bdeb9u3

url	pkg:deb/debian/redmine@3.4.2-1?distro=trixie
purl	pkg:deb/debian/redmine@3.4.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@3.4.2-1%3Fdistro=trixie

url	pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/redmine@5.0.4-5%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@5.0.4-5%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
purl	pkg:deb/debian/redmine@6.0.5%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.5%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
purl	pkg:deb/debian/redmine@6.0.6%2Bds-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@6.0.6%252Bds-6%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/redmine@1.0.1-2

purl pkg:deb/debian/redmine@1.0.1-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbj-x56w-qfck

vulnerability	VCID-2fwd-ykd8-bbge

vulnerability	VCID-2mcw-11ja-gfbm

vulnerability	VCID-6p27-dume-v7gu

vulnerability	VCID-6zc2-q7mb-fbf7

vulnerability	VCID-8t1e-fc2y-ayck

vulnerability	VCID-bh4v-9j9j-8ya1

vulnerability	VCID-gagk-z8js-9kgm

vulnerability	VCID-hwb5-sw11-ykcg

vulnerability	VCID-j88j-cdx3-a3ch

vulnerability	VCID-kx78-85xx-yuav

vulnerability	VCID-m3kp-h2d7-h3ap

vulnerability	VCID-p2vy-dhe9-jyaa

vulnerability	VCID-pe8x-mqwn-gbaa

vulnerability	VCID-rf3d-ve7z-53ek

vulnerability	VCID-tfsu-xjfx-1qfs

vulnerability	VCID-u87x-ypam-zyft

vulnerability	VCID-vbfb-96wd-wbbb

vulnerability	VCID-x6m2-rpuj-cbdx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@1.0.1-2

url pkg:deb/debian/redmine@1.0.1-2%2Bdeb6u11

purl pkg:deb/debian/redmine@1.0.1-2%2Bdeb6u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbj-x56w-qfck

vulnerability	VCID-2fwd-ykd8-bbge

vulnerability	VCID-2mcw-11ja-gfbm

vulnerability	VCID-6p27-dume-v7gu

vulnerability	VCID-6zc2-q7mb-fbf7

vulnerability	VCID-8t1e-fc2y-ayck

vulnerability	VCID-bh4v-9j9j-8ya1

vulnerability	VCID-gagk-z8js-9kgm

vulnerability	VCID-hwb5-sw11-ykcg

vulnerability	VCID-j88j-cdx3-a3ch

vulnerability	VCID-kx78-85xx-yuav

vulnerability	VCID-m3kp-h2d7-h3ap

vulnerability	VCID-p2vy-dhe9-jyaa

vulnerability	VCID-pe8x-mqwn-gbaa

vulnerability	VCID-rf3d-ve7z-53ek

vulnerability	VCID-tfsu-xjfx-1qfs

vulnerability	VCID-u87x-ypam-zyft

vulnerability	VCID-vbfb-96wd-wbbb

vulnerability	VCID-x6m2-rpuj-cbdx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@1.0.1-2%252Bdeb6u11

url pkg:deb/debian/redmine@1.4.4%2Bdfsg1-2%2Bdeb7u1

purl pkg:deb/debian/redmine@1.4.4%2Bdfsg1-2%2Bdeb7u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbj-x56w-qfck

vulnerability	VCID-2fwd-ykd8-bbge

vulnerability	VCID-2mcw-11ja-gfbm

vulnerability	VCID-6p27-dume-v7gu

vulnerability	VCID-6zc2-q7mb-fbf7

vulnerability	VCID-8t1e-fc2y-ayck

vulnerability	VCID-bh4v-9j9j-8ya1

vulnerability	VCID-gagk-z8js-9kgm

vulnerability	VCID-hwb5-sw11-ykcg

vulnerability	VCID-j88j-cdx3-a3ch

vulnerability	VCID-kx78-85xx-yuav

vulnerability	VCID-m3kp-h2d7-h3ap

vulnerability	VCID-p2vy-dhe9-jyaa

vulnerability	VCID-pe8x-mqwn-gbaa

vulnerability	VCID-rf3d-ve7z-53ek

vulnerability	VCID-tfsu-xjfx-1qfs

vulnerability	VCID-u87x-ypam-zyft

vulnerability	VCID-vbfb-96wd-wbbb

vulnerability	VCID-x6m2-rpuj-cbdx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@1.4.4%252Bdfsg1-2%252Bdeb7u1

url pkg:deb/debian/redmine@2.5.1-2~bpo70%2B6

purl pkg:deb/debian/redmine@2.5.1-2~bpo70%2B6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbj-x56w-qfck

vulnerability	VCID-2fwd-ykd8-bbge

vulnerability	VCID-2mcw-11ja-gfbm

vulnerability	VCID-6p27-dume-v7gu

vulnerability	VCID-6zc2-q7mb-fbf7

vulnerability	VCID-8t1e-fc2y-ayck

vulnerability	VCID-bh4v-9j9j-8ya1

vulnerability	VCID-gagk-z8js-9kgm

vulnerability	VCID-hwb5-sw11-ykcg

vulnerability	VCID-j88j-cdx3-a3ch

vulnerability	VCID-kx78-85xx-yuav

vulnerability	VCID-m3kp-h2d7-h3ap

vulnerability	VCID-p2vy-dhe9-jyaa

vulnerability	VCID-pe8x-mqwn-gbaa

vulnerability	VCID-rf3d-ve7z-53ek

vulnerability	VCID-tfsu-xjfx-1qfs

vulnerability	VCID-u87x-ypam-zyft

vulnerability	VCID-vbfb-96wd-wbbb

vulnerability	VCID-x6m2-rpuj-cbdx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@2.5.1-2~bpo70%252B6

url pkg:deb/debian/redmine@3.0~20140825-5

purl pkg:deb/debian/redmine@3.0~20140825-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbj-x56w-qfck

vulnerability	VCID-2fwd-ykd8-bbge

vulnerability	VCID-2mcw-11ja-gfbm

vulnerability	VCID-6p27-dume-v7gu

vulnerability	VCID-6zc2-q7mb-fbf7

vulnerability	VCID-8t1e-fc2y-ayck

vulnerability	VCID-bh4v-9j9j-8ya1

vulnerability	VCID-gagk-z8js-9kgm

vulnerability	VCID-hwb5-sw11-ykcg

vulnerability	VCID-j88j-cdx3-a3ch

vulnerability	VCID-kx78-85xx-yuav

vulnerability	VCID-m3kp-h2d7-h3ap

vulnerability	VCID-p2vy-dhe9-jyaa

vulnerability	VCID-pe8x-mqwn-gbaa

vulnerability	VCID-rf3d-ve7z-53ek

vulnerability	VCID-tfsu-xjfx-1qfs

vulnerability	VCID-u87x-ypam-zyft

vulnerability	VCID-vbfb-96wd-wbbb

vulnerability	VCID-x6m2-rpuj-cbdx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/redmine@3.0~20140825-5

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15576

reference_id

reference_type

scores

value	0.00537
scoring_system	epss
scoring_elements	0.67553
published_at	2026-04-21T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67575
published_at	2026-04-18T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67451
published_at	2026-04-01T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67487
published_at	2026-04-02T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67508
published_at	2026-04-04T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67486
published_at	2026-04-07T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67537
published_at	2026-04-08T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67552
published_at	2026-04-09T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67574
published_at	2026-04-11T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.6756
published_at	2026-04-12T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67527
published_at	2026-04-13T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67562
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15568
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15568

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15569
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15569

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15570
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15570

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15571
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15571

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15572
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15572

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15573
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15574
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15577
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15577

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18026

reference_url	https://www.debian.org/security/2018/dsa-4191
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4191

reference_url	https://www.redmine.org/issues/23803
reference_id
reference_type
scores
url	https://www.redmine.org/issues/23803

reference_url	https://www.redmine.org/projects/redmine/wiki/Security_Advisories
reference_id
reference_type
scores
url	https://www.redmine.org/projects/redmine/wiki/Security_Advisories

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redmine:redmine::::::::
reference_id	cpe:2.3:a:redmine:redmine::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redmine:redmine::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redmine:redmine:3.3.0:::::::*
reference_id	cpe:2.3:a:redmine:redmine:3.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redmine:redmine:3.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redmine:redmine:3.3.1:::::::*
reference_id	cpe:2.3:a:redmine:redmine:3.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redmine:redmine:3.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redmine:redmine:3.3.2:::::::*
reference_id	cpe:2.3:a:redmine:redmine:3.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redmine:redmine:3.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15576

reference_id

CVE-2017-15576

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15576

Weaknesses

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Exploits

Severity_range_score 5.0 - 7.5

Exploitability 0.5

Weighted_severity 6.8

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gagk-z8js-9kgm

Vulnerability Instance