Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-8qrd-x836-k3fq
Summaryapt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will receive requests from acngtool. There can be sensitive data in these requests, e.g., if AdminAuth is enabled in /etc/apt-cacher-ng/security.conf. This sensitive data can leak to unprivileged local users that manage to bind to this port before the apt-cacher-ng daemon can.
Aliases
0
alias CVE-2020-5202
Fixed_packages
0
url pkg:deb/debian/apt-cacher-ng@3.3.1-1?distro=trixie
purl pkg:deb/debian/apt-cacher-ng@3.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apt-cacher-ng@3.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/apt-cacher-ng@3.6.4-1?distro=trixie
purl pkg:deb/debian/apt-cacher-ng@3.6.4-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hg6p-rmee-a7b5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apt-cacher-ng@3.6.4-1%3Fdistro=trixie
2
url pkg:deb/debian/apt-cacher-ng@3.7.4-1?distro=trixie
purl pkg:deb/debian/apt-cacher-ng@3.7.4-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hg6p-rmee-a7b5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apt-cacher-ng@3.7.4-1%3Fdistro=trixie
3
url pkg:deb/debian/apt-cacher-ng@3.7.5-1?distro=trixie
purl pkg:deb/debian/apt-cacher-ng@3.7.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apt-cacher-ng@3.7.5-1%3Fdistro=trixie
4
url pkg:deb/debian/apt-cacher-ng@3.7.5-1.1?distro=trixie
purl pkg:deb/debian/apt-cacher-ng@3.7.5-1.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apt-cacher-ng@3.7.5-1.1%3Fdistro=trixie
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-5202
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21792
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-5202
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5202
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5202
Weaknesses
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-8qrd-x836-k3fq