Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-w8qv-heb5-87fd

Summary multiple issues

Aliases

alias	CVE-2021-34532

alias	GHSA-q7cg-43mg-qp69

Fixed_packages

url	pkg:alpm/archlinux/dotnet-sdk@6.0.0.sdk100-1
purl	pkg:alpm/archlinux/dotnet-sdk@6.0.0.sdk100-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/dotnet-sdk@6.0.0.sdk100-1

url	pkg:nuget/Microsoft.AspNetCore.All@2.1.30
purl	pkg:nuget/Microsoft.AspNetCore.All@2.1.30
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.30

url	pkg:nuget/Microsoft.AspNetCore.All@3.1.18
purl	pkg:nuget/Microsoft.AspNetCore.All@3.1.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.18

url	pkg:nuget/Microsoft.AspNetCore.All@5.0.9
purl	pkg:nuget/Microsoft.AspNetCore.All@5.0.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@5.0.9

url	pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@2.1.29
purl	pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@2.1.29
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@2.1.29

url	pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@3.1.18
purl	pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@3.1.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@3.1.18

url	pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@5.0.9
purl	pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@5.0.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@5.0.9

Affected_packages

url pkg:alpm/archlinux/dotnet-sdk@5.0.8.sdk205-1

purl pkg:alpm/archlinux/dotnet-sdk@5.0.8.sdk205-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-73ve-k52p-xba9

vulnerability	VCID-r8m2-7wyx-p7cn

vulnerability	VCID-w8qv-heb5-87fd

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/dotnet-sdk@5.0.8.sdk205-1

url pkg:nuget/Microsoft.AspNetCore.All@2.1.0

purl pkg:nuget/Microsoft.AspNetCore.All@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3nh7-wm35-3kb2

vulnerability	VCID-c94t-hevg-xych

vulnerability	VCID-d4mn-hm9u-3qbk

vulnerability	VCID-dq9y-u457-6uhc

vulnerability	VCID-dw22-bazh-4qa9

vulnerability	VCID-kv27-b4ve-d3ax

vulnerability	VCID-v6vu-9ybt-tqbc

vulnerability	VCID-vrkf-8nhe-7uc6

vulnerability	VCID-w8qv-heb5-87fd

vulnerability	VCID-xgtm-9d66-rugc

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.0

url pkg:nuget/Microsoft.AspNetCore.All@2.1.2

purl pkg:nuget/Microsoft.AspNetCore.All@2.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3nh7-wm35-3kb2

vulnerability	VCID-v6vu-9ybt-tqbc

vulnerability	VCID-w8qv-heb5-87fd

vulnerability	VCID-xgtm-9d66-rugc

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.2

url pkg:nuget/Microsoft.AspNetCore.All@3.1.0

purl pkg:nuget/Microsoft.AspNetCore.All@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b1wy-4qp2-f7hp

vulnerability	VCID-w8qv-heb5-87fd

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.0

url pkg:nuget/Microsoft.AspNetCore.All@3.1.17

purl pkg:nuget/Microsoft.AspNetCore.All@3.1.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-w8qv-heb5-87fd

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.17

url pkg:nuget/Microsoft.AspNetCore.All@5.0.0

purl pkg:nuget/Microsoft.AspNetCore.All@5.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b1wy-4qp2-f7hp

vulnerability	VCID-w8qv-heb5-87fd

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@5.0.0

url pkg:nuget/Microsoft.AspNetCore.All@5.0.8

purl pkg:nuget/Microsoft.AspNetCore.All@5.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-w8qv-heb5-87fd

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@5.0.8

url pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@3.0.0

purl pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-w8qv-heb5-87fd

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@3.0.0

url pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@5.0.0

purl pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@5.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-w8qv-heb5-87fd

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@5.0.0

References

reference_url	https://github.com/dotnet/announcements/issues/195
reference_id
reference_type
scores
url	https://github.com/dotnet/announcements/issues/195

reference_url

https://security.archlinux.org/AVG-2277

reference_id

AVG-2277

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2277

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-34532
reference_id	CVE-2021-34532
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-34532

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532
reference_id	CVE-2021-34532
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532

reference_url	https://github.com/advisories/GHSA-q7cg-43mg-qp69
reference_id	GHSA-q7cg-43mg-qp69
reference_type
scores
url	https://github.com/advisories/GHSA-q7cg-43mg-qp69

reference_url	https://github.com/dotnet/aspnetcore/security/advisories/GHSA-q7cg-43mg-qp69
reference_id	GHSA-q7cg-43mg-qp69
reference_type
scores
url	https://github.com/dotnet/aspnetcore/security/advisories/GHSA-q7cg-43mg-qp69

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w8qv-heb5-87fd

Vulnerability Instance