Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-xnny-adma-pycj

Summary ceph: RGW crash upon misconfigured CORS rule

Aliases

alias	CVE-2023-46159

Fixed_packages

Affected_packages

url pkg:rpm/redhat/ceph@2:16.2.10-248?arch=el8cp

purl pkg:rpm/redhat/ceph@2:16.2.10-248?arch=el8cp

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xnny-adma-pycj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@2:16.2.10-248%3Farch=el8cp

url pkg:rpm/redhat/ceph@2:17.2.6-148?arch=el9cp

purl pkg:rpm/redhat/ceph@2:17.2.6-148?arch=el9cp

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3gg5-1921-rbfs

vulnerability	VCID-47cr-h639-tqd4

vulnerability	VCID-br4c-7x9j-g3f6

vulnerability	VCID-hqne-7h6h-3ff8

vulnerability	VCID-xnny-adma-pycj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@2:17.2.6-148%3Farch=el9cp

url pkg:rpm/redhat/ceph@2:19.2.1-222?arch=el9cp

purl pkg:rpm/redhat/ceph@2:19.2.1-222?arch=el9cp

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9bm9-9f5h-2yg5

vulnerability	VCID-ae1s-qa4g-eyes

vulnerability	VCID-bxfr-hpkh-cyby

vulnerability	VCID-ks48-yq6s-aue1

vulnerability	VCID-kycs-rbvn-z3e7

vulnerability	VCID-qn4r-71h3-sbgb

vulnerability	VCID-rk14-bw25-2yhe

vulnerability	VCID-xnny-adma-pycj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@2:19.2.1-222%3Farch=el9cp

url pkg:rpm/redhat/cephadm-ansible@3.0.0-1?arch=el9cp

purl pkg:rpm/redhat/cephadm-ansible@3.0.0-1?arch=el9cp

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xnny-adma-pycj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cephadm-ansible@3.0.0-1%3Farch=el9cp

url pkg:rpm/redhat/cephadm-ansible@1:4.1.4-1?arch=el9cp

purl pkg:rpm/redhat/cephadm-ansible@1:4.1.4-1?arch=el9cp

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9bm9-9f5h-2yg5

vulnerability	VCID-ae1s-qa4g-eyes

vulnerability	VCID-bxfr-hpkh-cyby

vulnerability	VCID-ks48-yq6s-aue1

vulnerability	VCID-kycs-rbvn-z3e7

vulnerability	VCID-qn4r-71h3-sbgb

vulnerability	VCID-rk14-bw25-2yhe

vulnerability	VCID-xnny-adma-pycj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cephadm-ansible@1:4.1.4-1%3Farch=el9cp

url pkg:rpm/redhat/ceph-ansible@6.0.28.7-1?arch=el8cp

purl pkg:rpm/redhat/ceph-ansible@6.0.28.7-1?arch=el8cp

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47cr-h639-tqd4

vulnerability	VCID-xnny-adma-pycj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph-ansible@6.0.28.7-1%3Farch=el8cp

url pkg:rpm/redhat/haproxy@2.2.19-5?arch=el8cp

purl pkg:rpm/redhat/haproxy@2.2.19-5?arch=el8cp

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-47cr-h639-tqd4

vulnerability	VCID-xnny-adma-pycj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/haproxy@2.2.19-5%3Farch=el8cp

url pkg:rpm/redhat/oath-toolkit@2.6.12-1?arch=el9cp

purl pkg:rpm/redhat/oath-toolkit@2.6.12-1?arch=el9cp

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9bm9-9f5h-2yg5

vulnerability	VCID-ae1s-qa4g-eyes

vulnerability	VCID-bxfr-hpkh-cyby

vulnerability	VCID-ks48-yq6s-aue1

vulnerability	VCID-kycs-rbvn-z3e7

vulnerability	VCID-qn4r-71h3-sbgb

vulnerability	VCID-rk14-bw25-2yhe

vulnerability	VCID-xnny-adma-pycj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/oath-toolkit@2.6.12-1%3Farch=el9cp

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46159.json

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46159.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-46159

reference_id

reference_type

scores

value	0.00026
scoring_system	epss
scoring_elements	0.07004
published_at	2026-04-02T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07153
published_at	2026-04-21T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07121
published_at	2026-04-11T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.0711
published_at	2026-04-12T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.071
published_at	2026-04-13T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07036
published_at	2026-04-16T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07021
published_at	2026-04-18T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07057
published_at	2026-04-04T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07037
published_at	2026-04-07T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07091
published_at	2026-04-08T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07122
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-46159

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2215374
reference_id	2215374
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2215374

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/268906

reference_id

268906

reference_type

scores

value	2.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T14:17:32Z/

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/268906

reference_url

https://www.ibm.com/support/pages/node/7112263

reference_id

7112263

reference_type

scores

value	2.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T14:17:32Z/

url

https://www.ibm.com/support/pages/node/7112263

reference_url	https://access.redhat.com/errata/RHSA-2023:5693
reference_id	RHSA-2023:5693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5693

reference_url	https://access.redhat.com/errata/RHSA-2024:0745
reference_id	RHSA-2024:0745
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0745

reference_url	https://access.redhat.com/errata/RHSA-2025:9775
reference_id	RHSA-2025:9775
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9775

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 2.6 - 5.5

Exploitability 0.5

Weighted_severity 2.8

Risk_score 1.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xnny-adma-pycj

Vulnerability Instance