Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-ss2f-8hxs-myb1

Summary ceph: Object Gateway server DoS by sending invalid cross-origin HTTP request

Aliases

alias	CVE-2016-9579

Fixed_packages

url	pkg:deb/debian/ceph@10.2.5-2?distro=trixie
purl	pkg:deb/debian/ceph@10.2.5-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@10.2.5-2%3Fdistro=trixie

url pkg:deb/debian/ceph@10.2.5-6~bpo8%2B1

purl pkg:deb/debian/ceph@10.2.5-6~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18bk-met9-qfc9

vulnerability	VCID-1fhp-86sm-bqe5

vulnerability	VCID-1yz5-m9s7-nqdm

vulnerability	VCID-36gd-352p-n7b7

vulnerability	VCID-3pwt-4j1y-dbg6

vulnerability	VCID-47cr-h639-tqd4

vulnerability	VCID-4mk7-e67u-zkgy

vulnerability	VCID-54nw-yq6d-2ueu

vulnerability	VCID-5bgn-2pbq-6yd1

vulnerability	VCID-6kbn-psnc-q3cy

vulnerability	VCID-7k2s-fmzx-a3d8

vulnerability	VCID-9e77-3unf-r3hu

vulnerability	VCID-a4u3-63ez-gfbc

vulnerability	VCID-axaa-8h31-j3gd

vulnerability	VCID-bdcb-c7nj-j7gw

vulnerability	VCID-d8ft-cst1-5yh5

vulnerability	VCID-fy1p-qh8k-m7b8

vulnerability	VCID-gjne-rqt9-jqc5

vulnerability	VCID-hqp5-p9fs-t3dk

vulnerability	VCID-kxvn-yjm8-3ygt

vulnerability	VCID-m5wq-1w2k-9khk

vulnerability	VCID-nczx-qfyh-xubz

vulnerability	VCID-pp2v-1dp5-4bbd

vulnerability	VCID-qkp7-s947-ufcu

vulnerability	VCID-r1ah-c6z7-vyen

vulnerability	VCID-rukb-cwpx-q3hy

vulnerability	VCID-ssk3-kfn8-vuhy

vulnerability	VCID-xsvh-emr7-r7as

vulnerability	VCID-yr1z-udw9-mfha

vulnerability	VCID-zbwp-sfx4-xke7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@10.2.5-6~bpo8%252B1

url	pkg:deb/debian/ceph@14.2.21-1?distro=trixie
purl	pkg:deb/debian/ceph@14.2.21-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@14.2.21-1%3Fdistro=trixie

url pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18bk-met9-qfc9

vulnerability	VCID-1yz5-m9s7-nqdm

vulnerability	VCID-r1ah-c6z7-vyen

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ceph@18.2.7%2Bds-1?distro=trixie

purl pkg:deb/debian/ceph@18.2.7%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18bk-met9-qfc9

vulnerability	VCID-1yz5-m9s7-nqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.7%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/ceph@18.2.8%2Bds-1?distro=trixie
purl	pkg:deb/debian/ceph@18.2.8%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/ceph@0.80.7-1~bpo70%2B1

purl pkg:deb/debian/ceph@0.80.7-1~bpo70%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18bk-met9-qfc9

vulnerability	VCID-1fhp-86sm-bqe5

vulnerability	VCID-1yz5-m9s7-nqdm

vulnerability	VCID-36gd-352p-n7b7

vulnerability	VCID-3pwt-4j1y-dbg6

vulnerability	VCID-47cr-h639-tqd4

vulnerability	VCID-4mk7-e67u-zkgy

vulnerability	VCID-54nw-yq6d-2ueu

vulnerability	VCID-5bgn-2pbq-6yd1

vulnerability	VCID-6kbn-psnc-q3cy

vulnerability	VCID-7k2s-fmzx-a3d8

vulnerability	VCID-9e77-3unf-r3hu

vulnerability	VCID-a4u3-63ez-gfbc

vulnerability	VCID-axaa-8h31-j3gd

vulnerability	VCID-bdcb-c7nj-j7gw

vulnerability	VCID-bysx-t7fz-5kdk

vulnerability	VCID-cm58-jgsb-7yaf

vulnerability	VCID-d8ft-cst1-5yh5

vulnerability	VCID-fy1p-qh8k-m7b8

vulnerability	VCID-gj55-s7r1-f3b4

vulnerability	VCID-gjne-rqt9-jqc5

vulnerability	VCID-hqp5-p9fs-t3dk

vulnerability	VCID-kxvn-yjm8-3ygt

vulnerability	VCID-m5wq-1w2k-9khk

vulnerability	VCID-nczx-qfyh-xubz

vulnerability	VCID-pp2v-1dp5-4bbd

vulnerability	VCID-qkp7-s947-ufcu

vulnerability	VCID-qr8p-ec3h-37at

vulnerability	VCID-r1ah-c6z7-vyen

vulnerability	VCID-rukb-cwpx-q3hy

vulnerability	VCID-ss2f-8hxs-myb1

vulnerability	VCID-ssk3-kfn8-vuhy

vulnerability	VCID-xsvh-emr7-r7as

vulnerability	VCID-yr1z-udw9-mfha

vulnerability	VCID-zbwp-sfx4-xke7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0.80.7-1~bpo70%252B1

url pkg:deb/debian/ceph@0.80.7-2

purl pkg:deb/debian/ceph@0.80.7-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18bk-met9-qfc9

vulnerability	VCID-1fhp-86sm-bqe5

vulnerability	VCID-1yz5-m9s7-nqdm

vulnerability	VCID-36gd-352p-n7b7

vulnerability	VCID-3pwt-4j1y-dbg6

vulnerability	VCID-47cr-h639-tqd4

vulnerability	VCID-4mk7-e67u-zkgy

vulnerability	VCID-54nw-yq6d-2ueu

vulnerability	VCID-5bgn-2pbq-6yd1

vulnerability	VCID-6kbn-psnc-q3cy

vulnerability	VCID-7k2s-fmzx-a3d8

vulnerability	VCID-9e77-3unf-r3hu

vulnerability	VCID-a4u3-63ez-gfbc

vulnerability	VCID-axaa-8h31-j3gd

vulnerability	VCID-bdcb-c7nj-j7gw

vulnerability	VCID-bysx-t7fz-5kdk

vulnerability	VCID-cm58-jgsb-7yaf

vulnerability	VCID-d8ft-cst1-5yh5

vulnerability	VCID-fy1p-qh8k-m7b8

vulnerability	VCID-gj55-s7r1-f3b4

vulnerability	VCID-gjne-rqt9-jqc5

vulnerability	VCID-hqp5-p9fs-t3dk

vulnerability	VCID-kxvn-yjm8-3ygt

vulnerability	VCID-m5wq-1w2k-9khk

vulnerability	VCID-nczx-qfyh-xubz

vulnerability	VCID-pp2v-1dp5-4bbd

vulnerability	VCID-qkp7-s947-ufcu

vulnerability	VCID-qr8p-ec3h-37at

vulnerability	VCID-r1ah-c6z7-vyen

vulnerability	VCID-rukb-cwpx-q3hy

vulnerability	VCID-ss2f-8hxs-myb1

vulnerability	VCID-ssk3-kfn8-vuhy

vulnerability	VCID-xsvh-emr7-r7as

vulnerability	VCID-yr1z-udw9-mfha

vulnerability	VCID-zbwp-sfx4-xke7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0.80.7-2

url pkg:deb/debian/ceph@0.80.7-2%2Bdeb8u2

purl pkg:deb/debian/ceph@0.80.7-2%2Bdeb8u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18bk-met9-qfc9

vulnerability	VCID-1fhp-86sm-bqe5

vulnerability	VCID-1yz5-m9s7-nqdm

vulnerability	VCID-36gd-352p-n7b7

vulnerability	VCID-3pwt-4j1y-dbg6

vulnerability	VCID-47cr-h639-tqd4

vulnerability	VCID-4mk7-e67u-zkgy

vulnerability	VCID-54nw-yq6d-2ueu

vulnerability	VCID-5bgn-2pbq-6yd1

vulnerability	VCID-6kbn-psnc-q3cy

vulnerability	VCID-7k2s-fmzx-a3d8

vulnerability	VCID-9e77-3unf-r3hu

vulnerability	VCID-a4u3-63ez-gfbc

vulnerability	VCID-axaa-8h31-j3gd

vulnerability	VCID-bdcb-c7nj-j7gw

vulnerability	VCID-bysx-t7fz-5kdk

vulnerability	VCID-cm58-jgsb-7yaf

vulnerability	VCID-d8ft-cst1-5yh5

vulnerability	VCID-fy1p-qh8k-m7b8

vulnerability	VCID-gj55-s7r1-f3b4

vulnerability	VCID-gjne-rqt9-jqc5

vulnerability	VCID-hqp5-p9fs-t3dk

vulnerability	VCID-kxvn-yjm8-3ygt

vulnerability	VCID-m5wq-1w2k-9khk

vulnerability	VCID-nczx-qfyh-xubz

vulnerability	VCID-pp2v-1dp5-4bbd

vulnerability	VCID-qkp7-s947-ufcu

vulnerability	VCID-qr8p-ec3h-37at

vulnerability	VCID-r1ah-c6z7-vyen

vulnerability	VCID-rukb-cwpx-q3hy

vulnerability	VCID-ss2f-8hxs-myb1

vulnerability	VCID-ssk3-kfn8-vuhy

vulnerability	VCID-xsvh-emr7-r7as

vulnerability	VCID-yr1z-udw9-mfha

vulnerability	VCID-zbwp-sfx4-xke7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0.80.7-2%252Bdeb8u2

url pkg:deb/debian/ceph@0.80.10-2~bpo8%2B1

purl pkg:deb/debian/ceph@0.80.10-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18bk-met9-qfc9

vulnerability	VCID-1fhp-86sm-bqe5

vulnerability	VCID-1yz5-m9s7-nqdm

vulnerability	VCID-36gd-352p-n7b7

vulnerability	VCID-3pwt-4j1y-dbg6

vulnerability	VCID-47cr-h639-tqd4

vulnerability	VCID-4mk7-e67u-zkgy

vulnerability	VCID-54nw-yq6d-2ueu

vulnerability	VCID-5bgn-2pbq-6yd1

vulnerability	VCID-6kbn-psnc-q3cy

vulnerability	VCID-7k2s-fmzx-a3d8

vulnerability	VCID-9e77-3unf-r3hu

vulnerability	VCID-a4u3-63ez-gfbc

vulnerability	VCID-axaa-8h31-j3gd

vulnerability	VCID-bdcb-c7nj-j7gw

vulnerability	VCID-cm58-jgsb-7yaf

vulnerability	VCID-d8ft-cst1-5yh5

vulnerability	VCID-fy1p-qh8k-m7b8

vulnerability	VCID-gj55-s7r1-f3b4

vulnerability	VCID-gjne-rqt9-jqc5

vulnerability	VCID-hqp5-p9fs-t3dk

vulnerability	VCID-kxvn-yjm8-3ygt

vulnerability	VCID-m5wq-1w2k-9khk

vulnerability	VCID-nczx-qfyh-xubz

vulnerability	VCID-pp2v-1dp5-4bbd

vulnerability	VCID-qkp7-s947-ufcu

vulnerability	VCID-qr8p-ec3h-37at

vulnerability	VCID-r1ah-c6z7-vyen

vulnerability	VCID-rukb-cwpx-q3hy

vulnerability	VCID-ss2f-8hxs-myb1

vulnerability	VCID-ssk3-kfn8-vuhy

vulnerability	VCID-xsvh-emr7-r7as

vulnerability	VCID-yr1z-udw9-mfha

vulnerability	VCID-zbwp-sfx4-xke7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0.80.10-2~bpo8%252B1

url pkg:rpm/redhat/ceph@1:0.94.9-9?arch=el7cp

purl pkg:rpm/redhat/ceph@1:0.94.9-9?arch=el7cp

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ss2f-8hxs-myb1

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@1:0.94.9-9%3Farch=el7cp

url pkg:rpm/redhat/ceph@1:10.2.3-17?arch=el7cp

purl pkg:rpm/redhat/ceph@1:10.2.3-17?arch=el7cp

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ss2f-8hxs-myb1

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@1:10.2.3-17%3Farch=el7cp

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9579.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9579.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9579

reference_id

reference_type

scores

value	0.18013
scoring_system	epss
scoring_elements	0.9513
published_at	2026-04-01T12:55:00Z

value	0.18013
scoring_system	epss
scoring_elements	0.95141
published_at	2026-04-02T12:55:00Z

value	0.18013
scoring_system	epss
scoring_elements	0.95142
published_at	2026-04-04T12:55:00Z

value	0.18013
scoring_system	epss
scoring_elements	0.95144
published_at	2026-04-07T12:55:00Z

value	0.18013
scoring_system	epss
scoring_elements	0.95152
published_at	2026-04-08T12:55:00Z

value	0.18013
scoring_system	epss
scoring_elements	0.95156
published_at	2026-04-09T12:55:00Z

value	0.18013
scoring_system	epss
scoring_elements	0.95161
published_at	2026-04-11T12:55:00Z

value	0.18013
scoring_system	epss
scoring_elements	0.95162
published_at	2026-04-12T12:55:00Z

value	0.18013
scoring_system	epss
scoring_elements	0.95165
published_at	2026-04-13T12:55:00Z

value	0.18013
scoring_system	epss
scoring_elements	0.95173
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9579

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9579
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9579

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1403245
reference_id	1403245
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1403245

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849048
reference_id	849048
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849048

reference_url	https://access.redhat.com/errata/RHSA-2016:2954
reference_id	RHSA-2016:2954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2954

reference_url	https://access.redhat.com/errata/RHSA-2016:2956
reference_id	RHSA-2016:2956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2956

reference_url	https://access.redhat.com/errata/RHSA-2016:2994
reference_id	RHSA-2016:2994
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2994

reference_url	https://access.redhat.com/errata/RHSA-2016:2995
reference_id	RHSA-2016:2995
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2995

reference_url	https://usn.ubuntu.com/3452-1/
reference_id	USN-3452-1
reference_type
scores
url	https://usn.ubuntu.com/3452-1/

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 3.5 - 6.5

Exploitability 0.5

Weighted_severity 5.9

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ss2f-8hxs-myb1

Vulnerability Instance