Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-mxkn-n54m-57hk
Summarya2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
Aliases
0
alias CVE-2004-1170
Fixed_packages
0
url pkg:deb/debian/a2ps@1:4.13b-4.2?distro=trixie
purl pkg:deb/debian/a2ps@1:4.13b-4.2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.13b-4.2%3Fdistro=trixie
1
url pkg:deb/debian/a2ps@1:4.13b-4.3
purl pkg:deb/debian/a2ps@1:4.13b-4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-436p-4bjx-7khu
1
vulnerability VCID-jyey-2ny4-akeh
2
vulnerability VCID-s4ex-ua5v-x3cc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.13b-4.3
2
url pkg:deb/debian/a2ps@1:4.14-7?distro=trixie
purl pkg:deb/debian/a2ps@1:4.14-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.14-7%3Fdistro=trixie
3
url pkg:deb/debian/a2ps@1:4.14-8?distro=trixie
purl pkg:deb/debian/a2ps@1:4.14-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.14-8%3Fdistro=trixie
4
url pkg:deb/debian/a2ps@1:4.15.6-1?distro=trixie
purl pkg:deb/debian/a2ps@1:4.15.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.15.6-1%3Fdistro=trixie
5
url pkg:deb/debian/a2ps@1:4.15.7-5?distro=trixie
purl pkg:deb/debian/a2ps@1:4.15.7-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.15.7-5%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/a2ps@4.10.2-4
purl pkg:deb/debian/a2ps@4.10.2-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-436p-4bjx-7khu
1
vulnerability VCID-cyqf-ycjc-wygc
2
vulnerability VCID-jyey-2ny4-akeh
3
vulnerability VCID-mxkn-n54m-57hk
4
vulnerability VCID-s4ex-ua5v-x3cc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@4.10.2-4
1
url pkg:deb/debian/a2ps@4.10.4-4
purl pkg:deb/debian/a2ps@4.10.4-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-436p-4bjx-7khu
1
vulnerability VCID-cyqf-ycjc-wygc
2
vulnerability VCID-jyey-2ny4-akeh
3
vulnerability VCID-mxkn-n54m-57hk
4
vulnerability VCID-s4ex-ua5v-x3cc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@4.10.4-4
2
url pkg:deb/debian/a2ps@4.13-2
purl pkg:deb/debian/a2ps@4.13-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-436p-4bjx-7khu
1
vulnerability VCID-cyqf-ycjc-wygc
2
vulnerability VCID-jyey-2ny4-akeh
3
vulnerability VCID-mxkn-n54m-57hk
4
vulnerability VCID-s4ex-ua5v-x3cc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@4.13-2
3
url pkg:deb/debian/a2ps@4.13b-16woody1
purl pkg:deb/debian/a2ps@4.13b-16woody1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-436p-4bjx-7khu
1
vulnerability VCID-cyqf-ycjc-wygc
2
vulnerability VCID-jyey-2ny4-akeh
3
vulnerability VCID-mxkn-n54m-57hk
4
vulnerability VCID-s4ex-ua5v-x3cc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@4.13b-16woody1
References
0
reference_url http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1026.html
reference_id
reference_type
scores
url http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1026.html
1
reference_url http://bugs.debian.org/283134
reference_id
reference_type
scores
url http://bugs.debian.org/283134
2
reference_url http://marc.info/?l=bugtraq&m=110598355226660&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=110598355226660&w=2
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1170.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1170.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-1170
reference_id
reference_type
scores
0
value 0.15592
scoring_system epss
scoring_elements 0.94692
published_at 2026-04-13T12:55:00Z
1
value 0.15592
scoring_system epss
scoring_elements 0.94654
published_at 2026-04-01T12:55:00Z
2
value 0.15592
scoring_system epss
scoring_elements 0.94662
published_at 2026-04-02T12:55:00Z
3
value 0.15592
scoring_system epss
scoring_elements 0.94667
published_at 2026-04-04T12:55:00Z
4
value 0.15592
scoring_system epss
scoring_elements 0.94669
published_at 2026-04-07T12:55:00Z
5
value 0.15592
scoring_system epss
scoring_elements 0.94679
published_at 2026-04-08T12:55:00Z
6
value 0.15592
scoring_system epss
scoring_elements 0.94684
published_at 2026-04-09T12:55:00Z
7
value 0.15592
scoring_system epss
scoring_elements 0.94688
published_at 2026-04-11T12:55:00Z
8
value 0.15592
scoring_system epss
scoring_elements 0.94691
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-1170
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1170
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1170
6
reference_url http://secunia.com/advisories/12375
reference_id
reference_type
scores
url http://secunia.com/advisories/12375
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/17127
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/17127
8
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-57649-1&searchclause=
reference_id
reference_type
scores
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-57649-1&searchclause=
9
reference_url http://www.mandriva.com/security/advisories?name=MDKSA-2004:140
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDKSA-2004:140
10
reference_url http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html
reference_id
reference_type
scores
url http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html
11
reference_url http://www.securiteam.com/unixfocus/5MP0N2KDPA.html
reference_id
reference_type
scores
url http://www.securiteam.com/unixfocus/5MP0N2KDPA.html
12
reference_url http://www.securityfocus.com/archive/1/419765/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/419765/100/0/threaded
13
reference_url http://www.securityfocus.com/bid/11025
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/11025
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=283134
reference_id 283134
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=283134
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:a2ps:4.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gnu:a2ps:4.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:a2ps:4.13:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:a2ps:4.13b:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gnu:a2ps:4.13b:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:a2ps:4.13b:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*
reference_id cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
reference_id cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
reference_id cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2004-1170
reference_id CVE-2004-1170
reference_type
scores
0
value 10.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
url https://nvd.nist.gov/vuln/detail/CVE-2004-1170
27
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24406.txt
reference_id CVE-2004-1170;OSVDB-9176
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24406.txt
28
reference_url https://www.securityfocus.com/bid/11025/info
reference_id CVE-2004-1170;OSVDB-9176
reference_type exploit
scores
url https://www.securityfocus.com/bid/11025/info
Weaknesses
Exploits
0
date_added 2004-08-24
description GNU a2ps 4.13 - File Name Command Execution
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2004-08-24
exploit_type local
platform linux
source_date_updated 2013-01-27
data_source Exploit-DB
source_url https://www.securityfocus.com/bid/11025/info
Severity_range_score10.0 - 10.0
Exploitability2.0
Weighted_severity9.0
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-mxkn-n54m-57hk