Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-7mfq-cvmr-nbf8
SummaryHAProxy: HTTP request smuggling in HAProxy
Aliases
0
alias CVE-2024-53008
Fixed_packages
0
url pkg:deb/debian/haproxy@0?distro=trixie
purl pkg:deb/debian/haproxy@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@0%3Fdistro=trixie
1
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6?distro=trixie
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6%3Fdistro=trixie
2
url pkg:deb/debian/haproxy@2.9.10-1?distro=trixie
purl pkg:deb/debian/haproxy@2.9.10-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.9.10-1%3Fdistro=trixie
3
url pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@3.0.11-1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u2
purl pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@3.0.11-1%252Bdeb13u2
5
url pkg:deb/debian/haproxy@3.2.15-1?distro=trixie
purl pkg:deb/debian/haproxy@3.2.15-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@3.2.15-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3
purl pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mfq-cvmr-nbf8
1
vulnerability VCID-97wa-uwp2-57gu
2
vulnerability VCID-rj2h-pnmf-mufp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.6.12-1%252Bdeb12u3
1
url pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mfq-cvmr-nbf8
1
vulnerability VCID-97wa-uwp2-57gu
2
vulnerability VCID-rj2h-pnmf-mufp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.6.12-1%252Bdeb12u3%3Fdistro=trixie
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53008.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53008.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-53008
reference_id
reference_type
scores
0
value 0.00116
scoring_system epss
scoring_elements 0.30191
published_at 2026-04-18T12:55:00Z
1
value 0.00116
scoring_system epss
scoring_elements 0.3021
published_at 2026-04-16T12:55:00Z
2
value 0.00116
scoring_system epss
scoring_elements 0.30196
published_at 2026-04-13T12:55:00Z
3
value 0.00116
scoring_system epss
scoring_elements 0.30243
published_at 2026-04-12T12:55:00Z
4
value 0.00116
scoring_system epss
scoring_elements 0.30286
published_at 2026-04-11T12:55:00Z
5
value 0.00116
scoring_system epss
scoring_elements 0.30282
published_at 2026-04-09T12:55:00Z
6
value 0.00116
scoring_system epss
scoring_elements 0.30248
published_at 2026-04-08T12:55:00Z
7
value 0.00116
scoring_system epss
scoring_elements 0.30188
published_at 2026-04-07T12:55:00Z
8
value 0.00116
scoring_system epss
scoring_elements 0.30324
published_at 2026-04-02T12:55:00Z
9
value 0.00116
scoring_system epss
scoring_elements 0.30372
published_at 2026-04-04T12:55:00Z
10
value 0.00157
scoring_system epss
scoring_elements 0.36466
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-53008
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2329284
reference_id 2329284
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2329284
4
reference_url https://jvn.jp/en/jp/JVN88385716/
reference_id JVN88385716
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-29T20:53:41Z/
url https://jvn.jp/en/jp/JVN88385716/
5
reference_url https://git.haproxy.org/?p=haproxy-2.6.git;a=commit;h=1afca10150ac3e4e2224055cc31b6f1e4a70efe2
reference_id ?p=haproxy-2.6.git;a=commit;h=1afca10150ac3e4e2224055cc31b6f1e4a70efe2
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-29T20:53:41Z/
url https://git.haproxy.org/?p=haproxy-2.6.git;a=commit;h=1afca10150ac3e4e2224055cc31b6f1e4a70efe2
6
reference_url https://git.haproxy.org/?p=haproxy-2.8.git;a=commit;h=01c1056a44823c5ffb8f74660b32c099d9b5355b
reference_id ?p=haproxy-2.8.git;a=commit;h=01c1056a44823c5ffb8f74660b32c099d9b5355b
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-29T20:53:41Z/
url https://git.haproxy.org/?p=haproxy-2.8.git;a=commit;h=01c1056a44823c5ffb8f74660b32c099d9b5355b
7
reference_url https://git.haproxy.org/?p=haproxy-2.9.git;a=commit;h=4bcaece344c8738dac1ab5bd8cc81e2a22701d71
reference_id ?p=haproxy-2.9.git;a=commit;h=4bcaece344c8738dac1ab5bd8cc81e2a22701d71
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-29T20:53:41Z/
url https://git.haproxy.org/?p=haproxy-2.9.git;a=commit;h=4bcaece344c8738dac1ab5bd8cc81e2a22701d71
8
reference_url https://git.haproxy.org/?p=haproxy-3.0.git;a=commit;h=95a607c4b3af09be2a495b9c2872ea252ccff603
reference_id ?p=haproxy-3.0.git;a=commit;h=95a607c4b3af09be2a495b9c2872ea252ccff603
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-29T20:53:41Z/
url https://git.haproxy.org/?p=haproxy-3.0.git;a=commit;h=95a607c4b3af09be2a495b9c2872ea252ccff603
9
reference_url https://usn.ubuntu.com/7133-1/
reference_id USN-7133-1
reference_type
scores
url https://usn.ubuntu.com/7133-1/
10
reference_url https://www.haproxy.org/
reference_id www.haproxy.org
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-29T20:53:41Z/
url https://www.haproxy.org/
Weaknesses
0
cwe_id 444
name Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
description The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.
Exploits
Severity_range_score5.3 - 6.5
Exploitability0.5
Weighted_severity4.8
Risk_score2.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-7mfq-cvmr-nbf8