Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-xrfx-cnup-sfbm
SummaryQEMU: VNC: infinite loop in inflate_buffer() leads to denial of service
Aliases
0
alias CVE-2023-3255
Fixed_packages
0
url pkg:deb/debian/qemu@0?distro=trixie
purl pkg:deb/debian/qemu@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@0%3Fdistro=trixie
1
url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3kyg-9mf3-kfft
1
vulnerability VCID-6qnt-yaa3-p3bb
2
vulnerability VCID-cenj-mz55-jbg6
3
vulnerability VCID-d2ve-dnmj-4bbz
4
vulnerability VCID-ej5p-r4az-6ud2
5
vulnerability VCID-ewb7-nrtu-g7ex
6
vulnerability VCID-gc6n-kgsc-f3b6
7
vulnerability VCID-m47q-17n6-t7gg
8
vulnerability VCID-mtj9-1cns-yybw
9
vulnerability VCID-n71j-fz74-kyhf
10
vulnerability VCID-p2dz-mtns-5bb4
11
vulnerability VCID-ptty-88p4-ybe9
12
vulnerability VCID-pxjg-chmx-nkdc
13
vulnerability VCID-qh2s-apkz-sbaz
14
vulnerability VCID-t58m-9jqp-43c9
15
vulnerability VCID-t5gq-4bhn-gkej
16
vulnerability VCID-uzxc-npak-yyc4
17
vulnerability VCID-w7gc-1eh2-3ufu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie
purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hkf8-96k7-kuc9
1
vulnerability VCID-m47q-17n6-t7gg
2
vulnerability VCID-n71j-fz74-kyhf
3
vulnerability VCID-t58m-9jqp-43c9
4
vulnerability VCID-uzxc-npak-yyc4
5
vulnerability VCID-vcun-y6d5-6uby
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie
4
url pkg:deb/debian/qemu@1:8.0.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/qemu@1:8.0.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:8.0.4%252Bdfsg-1%3Fdistro=trixie
5
url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9szt-c829-zfdh
1
vulnerability VCID-detn-3zsq-3qh7
2
vulnerability VCID-m47q-17n6-t7gg
3
vulnerability VCID-n71j-fz74-kyhf
4
vulnerability VCID-vcun-y6d5-6uby
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie
6
url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie
purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9szt-c829-zfdh
1
vulnerability VCID-detn-3zsq-3qh7
2
vulnerability VCID-m47q-17n6-t7gg
3
vulnerability VCID-vcun-y6d5-6uby
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie
7
url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie
purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie
8
url pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie
Affected_packages
0
url pkg:rpm/redhat/qemu-kvm@17:8.2.0-11?arch=el9_4
purl pkg:rpm/redhat/qemu-kvm@17:8.2.0-11?arch=el9_4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d9vv-kpna-fyem
1
vulnerability VCID-f4sq-73vu-sfdq
2
vulnerability VCID-kngg-3rup-u3gf
3
vulnerability VCID-qs61-1esc-c3cz
4
vulnerability VCID-xrfx-cnup-sfbm
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qemu-kvm@17:8.2.0-11%3Farch=el9_4
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3255.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3255.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3255
reference_id
reference_type
scores
0
value 0.00117
scoring_system epss
scoring_elements 0.3051
published_at 2026-04-21T12:55:00Z
1
value 0.00117
scoring_system epss
scoring_elements 0.30675
published_at 2026-04-02T12:55:00Z
2
value 0.00117
scoring_system epss
scoring_elements 0.30537
published_at 2026-04-13T12:55:00Z
3
value 0.00117
scoring_system epss
scoring_elements 0.30563
published_at 2026-04-16T12:55:00Z
4
value 0.00117
scoring_system epss
scoring_elements 0.30544
published_at 2026-04-18T12:55:00Z
5
value 0.00117
scoring_system epss
scoring_elements 0.30722
published_at 2026-04-04T12:55:00Z
6
value 0.00117
scoring_system epss
scoring_elements 0.30533
published_at 2026-04-07T12:55:00Z
7
value 0.00117
scoring_system epss
scoring_elements 0.30592
published_at 2026-04-08T12:55:00Z
8
value 0.00117
scoring_system epss
scoring_elements 0.30625
published_at 2026-04-09T12:55:00Z
9
value 0.00117
scoring_system epss
scoring_elements 0.30629
published_at 2026-04-11T12:55:00Z
10
value 0.00117
scoring_system epss
scoring_elements 0.30584
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3255
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2218486
reference_id 2218486
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T17:14:24Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2218486
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8
reference_id cpe:/a:redhat:advanced_virtualization:8::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
10
reference_url https://access.redhat.com/security/cve/CVE-2023-3255
reference_id CVE-2023-3255
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T17:14:24Z/
url https://access.redhat.com/security/cve/CVE-2023-3255
11
reference_url https://access.redhat.com/errata/RHSA-2024:2135
reference_id RHSA-2024:2135
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T17:14:24Z/
url https://access.redhat.com/errata/RHSA-2024:2135
12
reference_url https://access.redhat.com/errata/RHSA-2024:2962
reference_id RHSA-2024:2962
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T17:14:24Z/
url https://access.redhat.com/errata/RHSA-2024:2962
13
reference_url https://usn.ubuntu.com/6567-1/
reference_id USN-6567-1
reference_type
scores
url https://usn.ubuntu.com/6567-1/
Weaknesses
0
cwe_id 835
name Loop with Unreachable Exit Condition ('Infinite Loop')
description The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Exploits
Severity_range_score4.9 - 6.5
Exploitability0.5
Weighted_severity5.9
Risk_score3.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-xrfx-cnup-sfbm