Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-4q79-666d-rygx

Summary python: XML External Entity in XML processing plistlib module

Aliases

alias	CVE-2022-48565

Fixed_packages

url	pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2

purl pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29cz-9gkc-1bfx

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-2v5u-2z4w-ffgx

vulnerability	VCID-4gsg-5e6s-63g4

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-7ka5-7jrn-dber

vulnerability	VCID-7s7y-9bw5-m3ep

vulnerability	VCID-8hug-fhhb-sbgt

vulnerability	VCID-9nvp-aus1-9yed

vulnerability	VCID-9sms-mhht-n3aq

vulnerability	VCID-a8mv-mr3q-vygz

vulnerability	VCID-bqp2-x383-xqfh

vulnerability	VCID-dexx-3ssz-nqfg

vulnerability	VCID-e6rs-jwvu-jycd

vulnerability	VCID-e6sb-bh7v-9ugg

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-h7z2-vc14-nfhq

vulnerability	VCID-js5p-py72-2kga

vulnerability	VCID-qqh6-evfk-1fgy

vulnerability	VCID-qwhz-912b-8kh5

vulnerability	VCID-smck-sdx2-c7du

vulnerability	VCID-tbuw-2msj-tqd9

vulnerability	VCID-v186-7sv1-ubej

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-znkr-fxtj-4uc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2

url pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2v5u-2z4w-ffgx

vulnerability	VCID-8hug-fhhb-sbgt

vulnerability	VCID-a8mv-mr3q-vygz

vulnerability	VCID-bqp2-x383-xqfh

vulnerability	VCID-qwhz-912b-8kh5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/pypy3@7.3.11%2Bdfsg-2%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/pypy3@7.3.11%2Bdfsg-2%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hw3-vhwb-nkcd

vulnerability	VCID-2v5u-2z4w-ffgx

vulnerability	VCID-4afh-28ss-mudf

vulnerability	VCID-757r-fs6p-qqdd

vulnerability	VCID-7s7y-9bw5-m3ep

vulnerability	VCID-8dtv-379a-wqfs

vulnerability	VCID-8zdt-4q7m-t7ht

vulnerability	VCID-9nvp-aus1-9yed

vulnerability	VCID-9sms-mhht-n3aq

vulnerability	VCID-dnv8-yrd6-c7cv

vulnerability	VCID-e6sb-bh7v-9ugg

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-q6g1-cjz3-77e4

vulnerability	VCID-qwhz-912b-8kh5

vulnerability	VCID-smck-sdx2-c7du

vulnerability	VCID-v186-7sv1-ubej

vulnerability	VCID-znkr-fxtj-4uc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.11%252Bdfsg-2%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/pypy3@7.3.19%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/pypy3@7.3.19%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hw3-vhwb-nkcd

vulnerability	VCID-4afh-28ss-mudf

vulnerability	VCID-757r-fs6p-qqdd

vulnerability	VCID-8dtv-379a-wqfs

vulnerability	VCID-8zdt-4q7m-t7ht

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-q6g1-cjz3-77e4

vulnerability	VCID-znkr-fxtj-4uc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.19%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie

purl pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8dtv-379a-wqfs

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-znkr-fxtj-4uc7

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.1~rc1-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.1~rc1-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.1~rc1-1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

Affected_packages

url pkg:deb/debian/pypy3@7.0.0%2Bdfsg-3

purl pkg:deb/debian/pypy3@7.0.0%2Bdfsg-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29cz-9gkc-1bfx

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2j3t-a3r6-vfg7

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4gsg-5e6s-63g4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-7ka5-7jrn-dber

vulnerability	VCID-7nj2-94zp-d3bp

vulnerability	VCID-7s7y-9bw5-m3ep

vulnerability	VCID-8a7h-5rn5-gubx

vulnerability	VCID-9nvp-aus1-9yed

vulnerability	VCID-9sms-mhht-n3aq

vulnerability	VCID-ct6h-d1eh-7bgj

vulnerability	VCID-dexx-3ssz-nqfg

vulnerability	VCID-e6rs-jwvu-jycd

vulnerability	VCID-e6sb-bh7v-9ugg

vulnerability	VCID-emaw-jmek-9bcy

vulnerability	VCID-ewbq-2gm8-tyf5

vulnerability	VCID-gvgx-eq9r-d3d2

vulnerability	VCID-h7z2-vc14-nfhq

vulnerability	VCID-j8hj-k7wy-yfch

vulnerability	VCID-js5p-py72-2kga

vulnerability	VCID-qqh6-evfk-1fgy

vulnerability	VCID-smck-sdx2-c7du

vulnerability	VCID-tbuw-2msj-tqd9

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v186-7sv1-ubej

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-znkr-fxtj-4uc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.0.0%252Bdfsg-3

url pkg:deb/debian/python2.7@2.7.3-6%2Bdeb7u2

purl pkg:deb/debian/python2.7@2.7.3-6%2Bdeb7u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mw1-384y-huc7

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-8aq9-8cf5-qbet

vulnerability	VCID-8jfv-cqa8-7yb6

vulnerability	VCID-9jj2-hsne-mbac

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-ez5b-fvw8-hkh3

vulnerability	VCID-f5vu-k9rc-27fz

vulnerability	VCID-g81p-pg7g-xfcf

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-mzd5-dwty-bqhf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-w85n-mm5g-5yd1

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

vulnerability	VCID-z6kh-961g-duck

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.3-6%252Bdeb7u2

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

url pkg:deb/debian/python2.7@2.7.9-2%2Bdeb8u1

purl pkg:deb/debian/python2.7@2.7.9-2%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2%252Bdeb8u1

url pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

purl pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3

url pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

purl pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48565.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48565.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-48565

reference_id

reference_type

scores

value	0.07274
scoring_system	epss
scoring_elements	0.91625
published_at	2026-04-02T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91681
published_at	2026-04-16T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91631
published_at	2026-04-04T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91639
published_at	2026-04-07T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91651
published_at	2026-04-08T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91657
published_at	2026-04-09T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91661
published_at	2026-04-11T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91663
published_at	2026-04-12T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.9166
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-48565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2240059
reference_id	2240059
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2240059

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/

reference_id

AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/

reference_id

BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/

reference_url

https://bugs.python.org/issue42051

reference_id

issue42051

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://bugs.python.org/issue42051

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/

reference_id

KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_url

https://security.netapp.com/advisory/ntap-20231006-0007/

reference_id

ntap-20231006-0007

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://security.netapp.com/advisory/ntap-20231006-0007/

reference_url	https://access.redhat.com/errata/RHSA-2024:2987
reference_id	RHSA-2024:2987
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2987

reference_url	https://usn.ubuntu.com/6354-1/
reference_id	USN-6354-1
reference_type
scores
url	https://usn.ubuntu.com/6354-1/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

reference_url	https://usn.ubuntu.com/7180-1/
reference_id	USN-7180-1
reference_type
scores
url	https://usn.ubuntu.com/7180-1/

Weaknesses

cwe_id	611
name	Improper Restriction of XML External Entity Reference
description	The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Exploits

Severity_range_score 5.3 - 7.8

Exploitability 0.5

Weighted_severity 7.0

Risk_score 3.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4q79-666d-rygx

Vulnerability Instance