Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-rj2h-pnmf-mufp
Summaryhaproxy: Spoofed IP Bypass in HAProxy QUIC Listener 0-RTT Sessions
Aliases
0
alias CVE-2024-49214
Fixed_packages
0
url pkg:deb/debian/haproxy@0?distro=trixie
purl pkg:deb/debian/haproxy@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@0%3Fdistro=trixie
1
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6?distro=trixie
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6%3Fdistro=trixie
2
url pkg:deb/debian/haproxy@2.9.11-1?distro=trixie
purl pkg:deb/debian/haproxy@2.9.11-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.9.11-1%3Fdistro=trixie
3
url pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@3.0.11-1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u2
purl pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@3.0.11-1%252Bdeb13u2
5
url pkg:deb/debian/haproxy@3.2.15-1?distro=trixie
purl pkg:deb/debian/haproxy@3.2.15-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@3.2.15-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3
purl pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mfq-cvmr-nbf8
1
vulnerability VCID-97wa-uwp2-57gu
2
vulnerability VCID-rj2h-pnmf-mufp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.6.12-1%252Bdeb12u3
1
url pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mfq-cvmr-nbf8
1
vulnerability VCID-97wa-uwp2-57gu
2
vulnerability VCID-rj2h-pnmf-mufp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.6.12-1%252Bdeb12u3%3Fdistro=trixie
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49214.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49214.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-49214
reference_id
reference_type
scores
0
value 0.00105
scoring_system epss
scoring_elements 0.28485
published_at 2026-04-21T12:55:00Z
1
value 0.00105
scoring_system epss
scoring_elements 0.28671
published_at 2026-04-02T12:55:00Z
2
value 0.00105
scoring_system epss
scoring_elements 0.28716
published_at 2026-04-04T12:55:00Z
3
value 0.00105
scoring_system epss
scoring_elements 0.28522
published_at 2026-04-07T12:55:00Z
4
value 0.00105
scoring_system epss
scoring_elements 0.28587
published_at 2026-04-08T12:55:00Z
5
value 0.00105
scoring_system epss
scoring_elements 0.28627
published_at 2026-04-09T12:55:00Z
6
value 0.00105
scoring_system epss
scoring_elements 0.2863
published_at 2026-04-11T12:55:00Z
7
value 0.00105
scoring_system epss
scoring_elements 0.28586
published_at 2026-04-12T12:55:00Z
8
value 0.00105
scoring_system epss
scoring_elements 0.28538
published_at 2026-04-13T12:55:00Z
9
value 0.00105
scoring_system epss
scoring_elements 0.28558
published_at 2026-04-16T12:55:00Z
10
value 0.00105
scoring_system epss
scoring_elements 0.28532
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-49214
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2318475
reference_id 2318475
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2318475
4
reference_url https://www.haproxy.org/download/2.9/src/CHANGELOG
reference_id CHANGELOG
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:N/S:U/UI:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:56:01Z/
url https://www.haproxy.org/download/2.9/src/CHANGELOG
5
reference_url https://www.haproxy.org/download/3.0/src/CHANGELOG
reference_id CHANGELOG
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:N/S:U/UI:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:56:01Z/
url https://www.haproxy.org/download/3.0/src/CHANGELOG
6
reference_url https://www.haproxy.org/download/3.1/src/CHANGELOG
reference_id CHANGELOG
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:N/S:U/UI:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:56:01Z/
url https://www.haproxy.org/download/3.1/src/CHANGELOG
7
reference_url https://github.com/haproxy/haproxy/commit/f627b9272bd8ffca6f2f898bfafc6bf0b84b7d46
reference_id f627b9272bd8ffca6f2f898bfafc6bf0b84b7d46
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:N/S:U/UI:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:56:01Z/
url https://github.com/haproxy/haproxy/commit/f627b9272bd8ffca6f2f898bfafc6bf0b84b7d46
8
reference_url https://www.mail-archive.com/haproxy%40formilux.org/msg45291.html
reference_id msg45291.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:N/S:U/UI:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:56:01Z/
url https://www.mail-archive.com/haproxy%40formilux.org/msg45291.html
9
reference_url https://www.mail-archive.com/haproxy%40formilux.org/msg45314.html
reference_id msg45314.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:N/S:U/UI:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:56:01Z/
url https://www.mail-archive.com/haproxy%40formilux.org/msg45314.html
10
reference_url https://www.mail-archive.com/haproxy%40formilux.org/msg45315.html
reference_id msg45315.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:N/S:U/UI:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:56:01Z/
url https://www.mail-archive.com/haproxy%40formilux.org/msg45315.html
Weaknesses
0
cwe_id 940
name Improper Verification of Source of a Communication Channel
description The product establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin.
Exploits
Severity_range_score5.3 - 5.3
Exploitability0.5
Weighted_severity4.8
Risk_score2.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-rj2h-pnmf-mufp