Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ffvg-6mve-zuee
Summaryspice: Improper input validation in function async_READ_handler
Aliases
0
alias CVE-2020-23793
Fixed_packages
0
url pkg:deb/debian/spice@0.13.90-0.1?distro=trixie
purl pkg:deb/debian/spice@0.13.90-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.13.90-0.1%3Fdistro=trixie
1
url pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1
purl pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15db-nrnx-wbcw
1
vulnerability VCID-7rdm-m2fr-qbb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.0-1.3%252Bdeb10u1
2
url pkg:deb/debian/spice@0.14.3-2.1?distro=trixie
purl pkg:deb/debian/spice@0.14.3-2.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.3-2.1%3Fdistro=trixie
3
url pkg:deb/debian/spice@0.15.1-1?distro=trixie
purl pkg:deb/debian/spice@0.15.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.15.1-1%3Fdistro=trixie
4
url pkg:deb/debian/spice@0.15.2-1?distro=trixie
purl pkg:deb/debian/spice@0.15.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.15.2-1%3Fdistro=trixie
5
url pkg:deb/debian/spice@0.16.0-1?distro=trixie
purl pkg:deb/debian/spice@0.16.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.16.0-1%3Fdistro=trixie
6
url pkg:deb/debian/spice@0.16.0-2?distro=trixie
purl pkg:deb/debian/spice@0.16.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.16.0-2%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/spice@0.11.0-1%2Bdeb7u2
purl pkg:deb/debian/spice@0.11.0-1%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15db-nrnx-wbcw
1
vulnerability VCID-7rdm-m2fr-qbb6
2
vulnerability VCID-8hpc-axe9-p7am
3
vulnerability VCID-9uj2-9xph-y3hm
4
vulnerability VCID-btxr-2zwf-hfdc
5
vulnerability VCID-c2qd-zga1-vycn
6
vulnerability VCID-cqg7-9pas-5ffk
7
vulnerability VCID-ffvg-6mve-zuee
8
vulnerability VCID-jqee-tzwm-yqay
9
vulnerability VCID-md4t-zmhj-cbhf
10
vulnerability VCID-qep8-yync-3kch
11
vulnerability VCID-vbf4-zj87-rkck
12
vulnerability VCID-w9nw-q8yp-qugm
13
vulnerability VCID-we7z-vyz3-3udn
14
vulnerability VCID-ybnj-b9b4-cuhr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.11.0-1%252Bdeb7u2
1
url pkg:deb/debian/spice@0.12.5-1
purl pkg:deb/debian/spice@0.12.5-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15db-nrnx-wbcw
1
vulnerability VCID-7rdm-m2fr-qbb6
2
vulnerability VCID-8hpc-axe9-p7am
3
vulnerability VCID-9uj2-9xph-y3hm
4
vulnerability VCID-btxr-2zwf-hfdc
5
vulnerability VCID-c2qd-zga1-vycn
6
vulnerability VCID-cqg7-9pas-5ffk
7
vulnerability VCID-ffvg-6mve-zuee
8
vulnerability VCID-md4t-zmhj-cbhf
9
vulnerability VCID-qep8-yync-3kch
10
vulnerability VCID-vbf4-zj87-rkck
11
vulnerability VCID-w9nw-q8yp-qugm
12
vulnerability VCID-we7z-vyz3-3udn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.5-1
2
url pkg:deb/debian/spice@0.12.5-1%2Bdeb8u5
purl pkg:deb/debian/spice@0.12.5-1%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15db-nrnx-wbcw
1
vulnerability VCID-7rdm-m2fr-qbb6
2
vulnerability VCID-8hpc-axe9-p7am
3
vulnerability VCID-9uj2-9xph-y3hm
4
vulnerability VCID-btxr-2zwf-hfdc
5
vulnerability VCID-c2qd-zga1-vycn
6
vulnerability VCID-cqg7-9pas-5ffk
7
vulnerability VCID-ffvg-6mve-zuee
8
vulnerability VCID-md4t-zmhj-cbhf
9
vulnerability VCID-qep8-yync-3kch
10
vulnerability VCID-vbf4-zj87-rkck
11
vulnerability VCID-w9nw-q8yp-qugm
12
vulnerability VCID-we7z-vyz3-3udn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.5-1%252Bdeb8u5
3
url pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3
purl pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15db-nrnx-wbcw
1
vulnerability VCID-7rdm-m2fr-qbb6
2
vulnerability VCID-8hpc-axe9-p7am
3
vulnerability VCID-btxr-2zwf-hfdc
4
vulnerability VCID-ffvg-6mve-zuee
5
vulnerability VCID-qep8-yync-3kch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.8-2.1%252Bdeb9u3
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23793.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23793.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-23793
reference_id
reference_type
scores
0
value 0.0009
scoring_system epss
scoring_elements 0.25476
published_at 2026-04-01T12:55:00Z
1
value 0.0009
scoring_system epss
scoring_elements 0.25542
published_at 2026-04-02T12:55:00Z
2
value 0.0009
scoring_system epss
scoring_elements 0.2538
published_at 2026-04-18T12:55:00Z
3
value 0.0009
scoring_system epss
scoring_elements 0.25383
published_at 2026-04-13T12:55:00Z
4
value 0.0009
scoring_system epss
scoring_elements 0.2539
published_at 2026-04-16T12:55:00Z
5
value 0.0009
scoring_system epss
scoring_elements 0.25579
published_at 2026-04-04T12:55:00Z
6
value 0.0009
scoring_system epss
scoring_elements 0.25352
published_at 2026-04-07T12:55:00Z
7
value 0.0009
scoring_system epss
scoring_elements 0.2542
published_at 2026-04-08T12:55:00Z
8
value 0.0009
scoring_system epss
scoring_elements 0.25467
published_at 2026-04-09T12:55:00Z
9
value 0.0009
scoring_system epss
scoring_elements 0.25479
published_at 2026-04-11T12:55:00Z
10
value 0.0009
scoring_system epss
scoring_elements 0.25437
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-23793
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23793
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23793
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2234984
reference_id 2234984
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2234984
5
reference_url https://github.com/zelat/spice-security-issues
reference_id spice-security-issues
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:56:53Z/
url https://github.com/zelat/spice-security-issues
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Exploits
Severity_range_score7.4 - 8.6
Exploitability0.5
Weighted_severity6.7
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ffvg-6mve-zuee