Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ba35-1hmw-m3hg
SummaryGnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys
Aliases
0
alias CVE-2018-9234
Fixed_packages
0
url pkg:alpm/archlinux/gnupg@2.2.5-2
purl pkg:alpm/archlinux/gnupg@2.2.5-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gnupg@2.2.5-2
1
url pkg:deb/debian/gnupg2@2.2.7-1?distro=trixie
purl pkg:deb/debian/gnupg2@2.2.7-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.7-1%3Fdistro=trixie
2
url pkg:deb/debian/gnupg2@2.2.12-1
purl pkg:deb/debian/gnupg2@2.2.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9jj4-5uem-kkbs
1
vulnerability VCID-ng6k-ru7r-9kdp
2
vulnerability VCID-rqt5-xvxx-47h6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.12-1
3
url pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zx65-nc6s-8yf9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.27-2%252Bdeb11u2%3Fdistro=trixie
4
url pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zx65-nc6s-8yf9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.40-1.1%252Bdeb12u2%3Fdistro=trixie
5
url pkg:deb/debian/gnupg2@2.4.7-21%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/gnupg2@2.4.7-21%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-79fy-gfr6-zkgq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.7-21%252Bdeb13u1%3Fdistro=trixie
6
url pkg:deb/debian/gnupg2@2.4.9-4?distro=trixie
purl pkg:deb/debian/gnupg2@2.4.9-4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-79fy-gfr6-zkgq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.9-4%3Fdistro=trixie
Affected_packages
0
url pkg:alpm/archlinux/gnupg@2.2.5-1
purl pkg:alpm/archlinux/gnupg@2.2.5-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba35-1hmw-m3hg
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gnupg@2.2.5-1
1
url pkg:deb/debian/gnupg2@1.9.15-6sarge2
purl pkg:deb/debian/gnupg2@1.9.15-6sarge2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jt3-2y11-yuc5
1
vulnerability VCID-3vdu-cchd-ekcp
2
vulnerability VCID-4jxu-65cg-gbag
3
vulnerability VCID-9cm4-mu3q-2yey
4
vulnerability VCID-9jj4-5uem-kkbs
5
vulnerability VCID-ba35-1hmw-m3hg
6
vulnerability VCID-c2pw-ysyx-q7an
7
vulnerability VCID-e1yx-b7wn-83af
8
vulnerability VCID-mhw6-1d6f-pbcp
9
vulnerability VCID-n34c-87th-d7gz
10
vulnerability VCID-nfzs-w4pe-bubj
11
vulnerability VCID-ng6k-ru7r-9kdp
12
vulnerability VCID-qapz-hmnm-x7dd
13
vulnerability VCID-rqt5-xvxx-47h6
14
vulnerability VCID-st4p-dn2v-dbg3
15
vulnerability VCID-vmyv-5rvk-akh3
16
vulnerability VCID-xgfe-d1s6-eufu
17
vulnerability VCID-y6zm-whbe-gfg4
18
vulnerability VCID-zytz-gsnc-yqh9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@1.9.15-6sarge2
2
url pkg:deb/debian/gnupg2@2.0.0-5.2
purl pkg:deb/debian/gnupg2@2.0.0-5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jt3-2y11-yuc5
1
vulnerability VCID-3vdu-cchd-ekcp
2
vulnerability VCID-9cm4-mu3q-2yey
3
vulnerability VCID-9jj4-5uem-kkbs
4
vulnerability VCID-ba35-1hmw-m3hg
5
vulnerability VCID-e1yx-b7wn-83af
6
vulnerability VCID-mhw6-1d6f-pbcp
7
vulnerability VCID-n34c-87th-d7gz
8
vulnerability VCID-nfzs-w4pe-bubj
9
vulnerability VCID-ng6k-ru7r-9kdp
10
vulnerability VCID-qapz-hmnm-x7dd
11
vulnerability VCID-rqt5-xvxx-47h6
12
vulnerability VCID-st4p-dn2v-dbg3
13
vulnerability VCID-vmyv-5rvk-akh3
14
vulnerability VCID-zytz-gsnc-yqh9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.0-5.2
3
url pkg:deb/debian/gnupg2@2.0.9-3.1%2Blenny1
purl pkg:deb/debian/gnupg2@2.0.9-3.1%2Blenny1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jt3-2y11-yuc5
1
vulnerability VCID-9cm4-mu3q-2yey
2
vulnerability VCID-9jj4-5uem-kkbs
3
vulnerability VCID-ba35-1hmw-m3hg
4
vulnerability VCID-mhw6-1d6f-pbcp
5
vulnerability VCID-n34c-87th-d7gz
6
vulnerability VCID-nfzs-w4pe-bubj
7
vulnerability VCID-ng6k-ru7r-9kdp
8
vulnerability VCID-qapz-hmnm-x7dd
9
vulnerability VCID-rqt5-xvxx-47h6
10
vulnerability VCID-st4p-dn2v-dbg3
11
vulnerability VCID-vmyv-5rvk-akh3
12
vulnerability VCID-zytz-gsnc-yqh9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.9-3.1%252Blenny1
4
url pkg:deb/debian/gnupg2@2.0.14-2%2Bsqueeze2
purl pkg:deb/debian/gnupg2@2.0.14-2%2Bsqueeze2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jt3-2y11-yuc5
1
vulnerability VCID-9cm4-mu3q-2yey
2
vulnerability VCID-9jj4-5uem-kkbs
3
vulnerability VCID-ba35-1hmw-m3hg
4
vulnerability VCID-mhw6-1d6f-pbcp
5
vulnerability VCID-nfzs-w4pe-bubj
6
vulnerability VCID-ng6k-ru7r-9kdp
7
vulnerability VCID-qapz-hmnm-x7dd
8
vulnerability VCID-rqt5-xvxx-47h6
9
vulnerability VCID-st4p-dn2v-dbg3
10
vulnerability VCID-vmyv-5rvk-akh3
11
vulnerability VCID-zytz-gsnc-yqh9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.14-2%252Bsqueeze2
5
url pkg:deb/debian/gnupg2@2.0.14-2%2Bsqueeze3
purl pkg:deb/debian/gnupg2@2.0.14-2%2Bsqueeze3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jt3-2y11-yuc5
1
vulnerability VCID-9cm4-mu3q-2yey
2
vulnerability VCID-9jj4-5uem-kkbs
3
vulnerability VCID-ba35-1hmw-m3hg
4
vulnerability VCID-mhw6-1d6f-pbcp
5
vulnerability VCID-nfzs-w4pe-bubj
6
vulnerability VCID-ng6k-ru7r-9kdp
7
vulnerability VCID-qapz-hmnm-x7dd
8
vulnerability VCID-rqt5-xvxx-47h6
9
vulnerability VCID-st4p-dn2v-dbg3
10
vulnerability VCID-vmyv-5rvk-akh3
11
vulnerability VCID-zytz-gsnc-yqh9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.14-2%252Bsqueeze3
6
url pkg:deb/debian/gnupg2@2.0.19-2%2Bdeb7u2
purl pkg:deb/debian/gnupg2@2.0.19-2%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jt3-2y11-yuc5
1
vulnerability VCID-9cm4-mu3q-2yey
2
vulnerability VCID-9jj4-5uem-kkbs
3
vulnerability VCID-ba35-1hmw-m3hg
4
vulnerability VCID-mhw6-1d6f-pbcp
5
vulnerability VCID-nfzs-w4pe-bubj
6
vulnerability VCID-ng6k-ru7r-9kdp
7
vulnerability VCID-qapz-hmnm-x7dd
8
vulnerability VCID-rqt5-xvxx-47h6
9
vulnerability VCID-vmyv-5rvk-akh3
10
vulnerability VCID-zytz-gsnc-yqh9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.19-2%252Bdeb7u2
7
url pkg:deb/debian/gnupg2@2.0.25-1~bpo70%2B1
purl pkg:deb/debian/gnupg2@2.0.25-1~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jt3-2y11-yuc5
1
vulnerability VCID-9cm4-mu3q-2yey
2
vulnerability VCID-9jj4-5uem-kkbs
3
vulnerability VCID-ba35-1hmw-m3hg
4
vulnerability VCID-nfzs-w4pe-bubj
5
vulnerability VCID-ng6k-ru7r-9kdp
6
vulnerability VCID-qapz-hmnm-x7dd
7
vulnerability VCID-rqt5-xvxx-47h6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.25-1~bpo70%252B1
8
url pkg:deb/debian/gnupg2@2.0.26-6
purl pkg:deb/debian/gnupg2@2.0.26-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9cm4-mu3q-2yey
1
vulnerability VCID-9jj4-5uem-kkbs
2
vulnerability VCID-ba35-1hmw-m3hg
3
vulnerability VCID-ng6k-ru7r-9kdp
4
vulnerability VCID-qapz-hmnm-x7dd
5
vulnerability VCID-rqt5-xvxx-47h6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.26-6
9
url pkg:deb/debian/gnupg2@2.0.26-6%2Bdeb8u2
purl pkg:deb/debian/gnupg2@2.0.26-6%2Bdeb8u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9cm4-mu3q-2yey
1
vulnerability VCID-9jj4-5uem-kkbs
2
vulnerability VCID-ba35-1hmw-m3hg
3
vulnerability VCID-ng6k-ru7r-9kdp
4
vulnerability VCID-qapz-hmnm-x7dd
5
vulnerability VCID-rqt5-xvxx-47h6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.0.26-6%252Bdeb8u2
10
url pkg:deb/debian/gnupg2@2.1.18-6
purl pkg:deb/debian/gnupg2@2.1.18-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9cm4-mu3q-2yey
1
vulnerability VCID-9jj4-5uem-kkbs
2
vulnerability VCID-ba35-1hmw-m3hg
3
vulnerability VCID-ng6k-ru7r-9kdp
4
vulnerability VCID-qapz-hmnm-x7dd
5
vulnerability VCID-rqt5-xvxx-47h6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.1.18-6
11
url pkg:deb/debian/gnupg2@2.1.18-8~deb9u4
purl pkg:deb/debian/gnupg2@2.1.18-8~deb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9cm4-mu3q-2yey
1
vulnerability VCID-9jj4-5uem-kkbs
2
vulnerability VCID-ba35-1hmw-m3hg
3
vulnerability VCID-ng6k-ru7r-9kdp
4
vulnerability VCID-qapz-hmnm-x7dd
5
vulnerability VCID-rqt5-xvxx-47h6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.1.18-8~deb9u4
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9234.json
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9234.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-9234
reference_id
reference_type
scores
0
value 0.0017
scoring_system epss
scoring_elements 0.38217
published_at 2026-04-01T12:55:00Z
1
value 0.0017
scoring_system epss
scoring_elements 0.38221
published_at 2026-04-21T12:55:00Z
2
value 0.0017
scoring_system epss
scoring_elements 0.38305
published_at 2026-04-16T12:55:00Z
3
value 0.0017
scoring_system epss
scoring_elements 0.38285
published_at 2026-04-18T12:55:00Z
4
value 0.0017
scoring_system epss
scoring_elements 0.38353
published_at 2026-04-02T12:55:00Z
5
value 0.0017
scoring_system epss
scoring_elements 0.38377
published_at 2026-04-04T12:55:00Z
6
value 0.0017
scoring_system epss
scoring_elements 0.38243
published_at 2026-04-07T12:55:00Z
7
value 0.0017
scoring_system epss
scoring_elements 0.38293
published_at 2026-04-08T12:55:00Z
8
value 0.0017
scoring_system epss
scoring_elements 0.38302
published_at 2026-04-09T12:55:00Z
9
value 0.0017
scoring_system epss
scoring_elements 0.3832
published_at 2026-04-11T12:55:00Z
10
value 0.0017
scoring_system epss
scoring_elements 0.38283
published_at 2026-04-12T12:55:00Z
11
value 0.0017
scoring_system epss
scoring_elements 0.38258
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-9234
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9234
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1563930
reference_id 1563930
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1563930
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894983
reference_id 894983
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894983
6
reference_url https://security.archlinux.org/AVG-943
reference_id AVG-943
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-943
7
reference_url https://usn.ubuntu.com/3675-1/
reference_id USN-3675-1
reference_type
scores
url https://usn.ubuntu.com/3675-1/
Weaknesses
0
cwe_id 325
name Missing Cryptographic Step
description The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.
Exploits
Severity_range_score0.1 - 3
Exploitability0.5
Weighted_severity2.7
Risk_score1.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ba35-1hmw-m3hg