Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-61nu-645a-dyhx

Summary util-linux: arbitrary commands execution via the path parameter

Aliases

alias	CVE-2020-21583

Fixed_packages

url	pkg:deb/debian/util-linux@2.27-1?distro=trixie
purl	pkg:deb/debian/util-linux@2.27-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.27-1%3Fdistro=trixie

url pkg:deb/debian/util-linux@2.29.2-1%2Bdeb9u1

purl pkg:deb/debian/util-linux@2.29.2-1%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-rnst-1ugv-pufk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.29.2-1%252Bdeb9u1

url pkg:deb/debian/util-linux@2.36.1-8%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/util-linux@2.36.1-8%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8hsf-75uj-13cd

vulnerability	VCID-uchq-5u5j-wbez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.36.1-8%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/util-linux@2.38.1-5%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/util-linux@2.38.1-5%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8hsf-75uj-13cd

vulnerability	VCID-uchq-5u5j-wbez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.38.1-5%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/util-linux@2.41-5?distro=trixie

purl pkg:deb/debian/util-linux@2.41-5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8hsf-75uj-13cd

vulnerability	VCID-uchq-5u5j-wbez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.41-5%3Fdistro=trixie

url pkg:deb/debian/util-linux@2.41.3-4?distro=trixie

purl pkg:deb/debian/util-linux@2.41.3-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8hsf-75uj-13cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.41.3-4%3Fdistro=trixie

url	pkg:deb/debian/util-linux@2.42-1?distro=trixie
purl	pkg:deb/debian/util-linux@2.42-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.42-1%3Fdistro=trixie

url	pkg:deb/debian/util-linux@2.42-2?distro=trixie
purl	pkg:deb/debian/util-linux@2.42-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.42-2%3Fdistro=trixie

url	pkg:deb/debian/util-linux@2.42-3?distro=trixie
purl	pkg:deb/debian/util-linux@2.42-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.42-3%3Fdistro=trixie

url	pkg:deb/debian/util-linux@2.42-4?distro=trixie
purl	pkg:deb/debian/util-linux@2.42-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.42-4%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/util-linux@2.7.1-3

purl pkg:deb/debian/util-linux@2.7.1-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-3q76-uf4t-5fgt

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-9ec4-db9h-47bu

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-f2gk-ah7t-huge

vulnerability	VCID-hhx5-q9sz-eybx

vulnerability	VCID-kj8n-e8vx-xbe8

vulnerability	VCID-p35v-d4cm-c7b6

vulnerability	VCID-rew1-z9tf-wyaj

vulnerability	VCID-rnst-1ugv-pufk

vulnerability	VCID-s9ab-gzsp-wkdz

vulnerability	VCID-y5g5-me96-h3fs

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.7.1-3

url pkg:deb/debian/util-linux@2.9g-6

purl pkg:deb/debian/util-linux@2.9g-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-3q76-uf4t-5fgt

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-9ec4-db9h-47bu

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-f2gk-ah7t-huge

vulnerability	VCID-hhx5-q9sz-eybx

vulnerability	VCID-kj8n-e8vx-xbe8

vulnerability	VCID-p35v-d4cm-c7b6

vulnerability	VCID-rew1-z9tf-wyaj

vulnerability	VCID-rnst-1ugv-pufk

vulnerability	VCID-s9ab-gzsp-wkdz

vulnerability	VCID-y5g5-me96-h3fs

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.9g-6

url pkg:deb/debian/util-linux@2.10f-5.1

purl pkg:deb/debian/util-linux@2.10f-5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-3q76-uf4t-5fgt

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-9ec4-db9h-47bu

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-f2gk-ah7t-huge

vulnerability	VCID-hhx5-q9sz-eybx

vulnerability	VCID-kj8n-e8vx-xbe8

vulnerability	VCID-p35v-d4cm-c7b6

vulnerability	VCID-rew1-z9tf-wyaj

vulnerability	VCID-rnst-1ugv-pufk

vulnerability	VCID-s9ab-gzsp-wkdz

vulnerability	VCID-y5g5-me96-h3fs

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.10f-5.1

url pkg:deb/debian/util-linux@2.11n-7

purl pkg:deb/debian/util-linux@2.11n-7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-9ec4-db9h-47bu

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-f2gk-ah7t-huge

vulnerability	VCID-hhx5-q9sz-eybx

vulnerability	VCID-kj8n-e8vx-xbe8

vulnerability	VCID-p35v-d4cm-c7b6

vulnerability	VCID-rew1-z9tf-wyaj

vulnerability	VCID-rnst-1ugv-pufk

vulnerability	VCID-s9ab-gzsp-wkdz

vulnerability	VCID-y5g5-me96-h3fs

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.11n-7

url pkg:deb/debian/util-linux@2.12p-4sarge2

purl pkg:deb/debian/util-linux@2.12p-4sarge2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-9ec4-db9h-47bu

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-f2gk-ah7t-huge

vulnerability	VCID-hhx5-q9sz-eybx

vulnerability	VCID-kj8n-e8vx-xbe8

vulnerability	VCID-p35v-d4cm-c7b6

vulnerability	VCID-rew1-z9tf-wyaj

vulnerability	VCID-rnst-1ugv-pufk

vulnerability	VCID-s9ab-gzsp-wkdz

vulnerability	VCID-y5g5-me96-h3fs

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.12p-4sarge2

url pkg:deb/debian/util-linux@2.12r-19

purl pkg:deb/debian/util-linux@2.12r-19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-9ec4-db9h-47bu

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-f2gk-ah7t-huge

vulnerability	VCID-hhx5-q9sz-eybx

vulnerability	VCID-kj8n-e8vx-xbe8

vulnerability	VCID-p35v-d4cm-c7b6

vulnerability	VCID-rew1-z9tf-wyaj

vulnerability	VCID-rnst-1ugv-pufk

vulnerability	VCID-s9ab-gzsp-wkdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.12r-19

url pkg:deb/debian/util-linux@2.12r-19etch1

purl pkg:deb/debian/util-linux@2.12r-19etch1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-9ec4-db9h-47bu

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-f2gk-ah7t-huge

vulnerability	VCID-hhx5-q9sz-eybx

vulnerability	VCID-kj8n-e8vx-xbe8

vulnerability	VCID-p35v-d4cm-c7b6

vulnerability	VCID-rew1-z9tf-wyaj

vulnerability	VCID-rnst-1ugv-pufk

vulnerability	VCID-s9ab-gzsp-wkdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.12r-19etch1

url pkg:deb/debian/util-linux@2.13.1.1-1

purl pkg:deb/debian/util-linux@2.13.1.1-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-9ec4-db9h-47bu

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-f2gk-ah7t-huge

vulnerability	VCID-hhx5-q9sz-eybx

vulnerability	VCID-p35v-d4cm-c7b6

vulnerability	VCID-rnst-1ugv-pufk

vulnerability	VCID-s9ab-gzsp-wkdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.13.1.1-1

url pkg:deb/debian/util-linux@2.17.2-9

purl pkg:deb/debian/util-linux@2.17.2-9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-9ec4-db9h-47bu

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-f2gk-ah7t-huge

vulnerability	VCID-hhx5-q9sz-eybx

vulnerability	VCID-rnst-1ugv-pufk

vulnerability	VCID-s9ab-gzsp-wkdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.17.2-9

url pkg:deb/debian/util-linux@2.20.1-5.3

purl pkg:deb/debian/util-linux@2.20.1-5.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-f2gk-ah7t-huge

vulnerability	VCID-rnst-1ugv-pufk

vulnerability	VCID-s9ab-gzsp-wkdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.20.1-5.3

url pkg:deb/debian/util-linux@2.25.2-6

purl pkg:deb/debian/util-linux@2.25.2-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dyt-qa2a-rke1

vulnerability	VCID-3pq5-w4nm-dkec

vulnerability	VCID-61nu-645a-dyhx

vulnerability	VCID-773t-t959-z3c1

vulnerability	VCID-7ha4-8xxt-xkfy

vulnerability	VCID-9czu-jh2d-dbhx

vulnerability	VCID-a5ny-vcsw-uqh1

vulnerability	VCID-arhf-bsdt-pbb6

vulnerability	VCID-ed2c-q43s-cydc

vulnerability	VCID-etmy-48fm-vudb

vulnerability	VCID-rnst-1ugv-pufk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/util-linux@2.25.2-6

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-21583.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-21583.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-21583

reference_id

reference_type

scores

value	0.00038
scoring_system	epss
scoring_elements	0.11321
published_at	2026-04-01T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11458
published_at	2026-04-02T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11249
published_at	2026-04-18T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11445
published_at	2026-04-09T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11449
published_at	2026-04-11T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11416
published_at	2026-04-12T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11517
published_at	2026-04-04T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11304
published_at	2026-04-07T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11387
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-21583

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21583
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21583

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2238716
reference_id	2238716
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2238716

reference_url

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786804

reference_id

bugreport.cgi?bug=786804

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-07T15:19:58Z/

url

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786804

reference_url

https://packetstormsecurity.com/files/132061/hwclock-Privilege-Escalation.html

reference_id

hwclock-Privilege-Escalation.html

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-07T15:19:58Z/

url

https://packetstormsecurity.com/files/132061/hwclock-Privilege-Escalation.html

Weaknesses

cwe_id	78
name	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
description	The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Exploits

Severity_range_score 6.4 - 8.4

Exploitability 0.5

Weighted_severity 5.8

Risk_score 2.9

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-61nu-645a-dyhx

Vulnerability Instance