Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-up13-8aex-7qfy

Summary bash: Code execution in bash autocompletion

Aliases

alias	CVE-2017-5932

Fixed_packages

url	pkg:deb/debian/bash@4.4-3?distro=trixie
purl	pkg:deb/debian/bash@4.4-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.4-3%3Fdistro=trixie

url pkg:deb/debian/bash@4.4-5

purl pkg:deb/debian/bash@4.4-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-556k-17z3-auc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.4-5

url pkg:deb/debian/bash@5.1-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/bash@5.1-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rc3z-84wf-pygu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.1-2%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/bash@5.2.15-2?distro=trixie
purl	pkg:deb/debian/bash@5.2.15-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.2.15-2%3Fdistro=trixie

url	pkg:deb/debian/bash@5.2.37-2?distro=trixie
purl	pkg:deb/debian/bash@5.2.37-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.2.37-2%3Fdistro=trixie

url	pkg:deb/debian/bash@5.3-2?distro=trixie
purl	pkg:deb/debian/bash@5.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.3-2%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/bash@2.01.1-4

purl pkg:deb/debian/bash@2.01.1-4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.01.1-4

url pkg:deb/debian/bash@2.01.1-4.1

purl pkg:deb/debian/bash@2.01.1-4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.01.1-4.1

url pkg:deb/debian/bash@2.03-6

purl pkg:deb/debian/bash@2.03-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.03-6

url pkg:deb/debian/bash@2.05a-11

purl pkg:deb/debian/bash@2.05a-11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.05a-11

url pkg:deb/debian/bash@2.05b-2-26

purl pkg:deb/debian/bash@2.05b-2-26

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.05b-2-26

url pkg:deb/debian/bash@3.1dfsg-8

purl pkg:deb/debian/bash@3.1dfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@3.1dfsg-8

url pkg:deb/debian/bash@3.2-4

purl pkg:deb/debian/bash@3.2-4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-twyf-cbfd-hka1

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@3.2-4

url pkg:deb/debian/bash@4.1-3

purl pkg:deb/debian/bash@4.1-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.1-3

url pkg:deb/debian/bash@4.1-3%2Bdeb6u2

purl pkg:deb/debian/bash@4.1-3%2Bdeb6u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-m98m-wbj2-zbdk

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.1-3%252Bdeb6u2

url pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3

purl pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-az8z-jtp2-tyhj

vulnerability	VCID-ba3s-az62-fkdc

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-hxgp-7aap-xqh6

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-k9hm-bh92-qfan

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-sqj7-9htv-nbfn

vulnerability	VCID-up13-8aex-7qfy

vulnerability	VCID-yje9-sb3a-kubp

vulnerability	VCID-yz3v-qgsz-53ew

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.2%252Bdfsg-0.1%252Bdeb7u3

url pkg:deb/debian/bash@4.3-11

purl pkg:deb/debian/bash@4.3-11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-up13-8aex-7qfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.3-11

url pkg:deb/debian/bash@4.3-11%2Bdeb8u1

purl pkg:deb/debian/bash@4.3-11%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4c4h-9zpn-kkd2

vulnerability	VCID-556k-17z3-auc2

vulnerability	VCID-hvf8-a8kf-qqbq

vulnerability	VCID-jqym-yvag-qfcz

vulnerability	VCID-nm4t-6dw6-vbby

vulnerability	VCID-up13-8aex-7qfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.3-11%252Bdeb8u1

References

reference_url	http://git.savannah.gnu.org/cgit/bash.git/commit/?id=4f747edc625815f449048579f6e65869914dd715
reference_id
reference_type
scores
url	http://git.savannah.gnu.org/cgit/bash.git/commit/?id=4f747edc625815f449048579f6e65869914dd715

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5932.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5932.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5932

reference_id

reference_type

scores

value	0.00213
scoring_system	epss
scoring_elements	0.4383
published_at	2026-04-01T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43828
published_at	2026-04-07T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43874
published_at	2026-04-02T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43897
published_at	2026-04-04T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43878
published_at	2026-04-08T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43881
published_at	2026-04-09T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43899
published_at	2026-04-11T12:55:00Z

value	0.00229
scoring_system	epss
scoring_elements	0.45774
published_at	2026-04-18T12:55:00Z

value	0.00229
scoring_system	epss
scoring_elements	0.4578
published_at	2026-04-16T12:55:00Z

value	0.00229
scoring_system	epss
scoring_elements	0.45722
published_at	2026-04-12T12:55:00Z

value	0.00229
scoring_system	epss
scoring_elements	0.4573
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5932

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:C/I:C/A:C

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.gnu.org/archive/html/bug-bash/2017-01/msg00034.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/bug-bash/2017-01/msg00034.html

reference_url	http://www.openwall.com/lists/oss-security/2017/02/08/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/02/08/3

reference_url	http://www.securityfocus.com/bid/96136
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96136

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1420674
reference_id	1420674
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1420674

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:bash:4.4:::::::*
reference_id	cpe:2.3:a:gnu:bash:4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:bash:4.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5932

reference_id

CVE-2017-5932

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5932

reference_url	https://usn.ubuntu.com/3294-1/
reference_id	USN-3294-1
reference_type
scores
url	https://usn.ubuntu.com/3294-1/

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 4.6 - 7.8

Exploitability 0.5

Weighted_severity 7.0

Risk_score 3.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-up13-8aex-7qfy

Vulnerability Instance