Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-s5yq-pjhc-fbcm

Summary python: Default mimetype known files writeable on Windows

Aliases

alias	CVE-2024-3220

Fixed_packages

url	pkg:deb/debian/python3.11@0?distro=bookworm
purl	pkg:deb/debian/python3.11@0?distro=bookworm
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.11@0%3Fdistro=bookworm

url	pkg:deb/debian/python3.11@3.11.2-6%2Bdeb12u6?distro=bookworm
purl	pkg:deb/debian/python3.11@3.11.2-6%2Bdeb12u6?distro=bookworm
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.11@3.11.2-6%252Bdeb12u6%3Fdistro=bookworm

url	pkg:deb/debian/python3.13@0?distro=trixie
purl	pkg:deb/debian/python3.13@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.13@0%3Fdistro=trixie

url pkg:deb/debian/python3.13@3.13.5-2?distro=trixie

purl pkg:deb/debian/python3.13@3.13.5-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uk5-6yqb-dyb5

vulnerability	VCID-8b19-pezx-6bcd

vulnerability	VCID-8dtv-379a-wqfs

vulnerability	VCID-94n7-6q4s-3udv

vulnerability	VCID-bn83-d2qp-9bfy

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-fcsb-dn49-47gy

vulnerability	VCID-kn9b-2gxw-gqgx

vulnerability	VCID-mtk7-qut6-syd8

vulnerability	VCID-nqqc-u8d5-8qf6

vulnerability	VCID-zh1r-7rzh-2bez

vulnerability	VCID-znkr-fxtj-4uc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.13@3.13.5-2%3Fdistro=trixie

url pkg:deb/debian/python3.13@3.13.12-1?distro=trixie

purl pkg:deb/debian/python3.13@3.13.12-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.13@3.13.12-1%3Fdistro=trixie

url	pkg:deb/debian/python3.9@0?distro=bullseye
purl	pkg:deb/debian/python3.9@0?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

Affected_packages

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3220.json

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3220.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3220

reference_id

reference_type

scores

value	0.00288
scoring_system	epss
scoring_elements	0.52287
published_at	2026-04-21T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52301
published_at	2026-04-16T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52305
published_at	2026-04-18T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52202
published_at	2026-04-02T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.5223
published_at	2026-04-04T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52194
published_at	2026-04-07T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52248
published_at	2026-04-08T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52243
published_at	2026-04-09T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52294
published_at	2026-04-11T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52277
published_at	2026-04-12T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52263
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3220

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2345794
reference_id	2345794
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2345794

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/CDXW34ND2LSAOYAR5N6UNONP4ZBX4D6R/

reference_id

CDXW34ND2LSAOYAR5N6UNONP4ZBX4D6R

reference_type

scores

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T16:46:00Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/CDXW34ND2LSAOYAR5N6UNONP4ZBX4D6R/

Weaknesses

cwe_id	426
name	Untrusted Search Path
description	The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

Exploits

Severity_range_score 2.3 - 4.6

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s5yq-pjhc-fbcm

Vulnerability Instance