Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-2rmg-7wqe-nqcq
SummaryBalabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.
Aliases
0
alias CVE-2011-0343
Fixed_packages
0
url pkg:deb/debian/syslog-ng@3.1.3-2?distro=trixie
purl pkg:deb/debian/syslog-ng@3.1.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@3.1.3-2%3Fdistro=trixie
1
url pkg:deb/debian/syslog-ng@3.1.3-3
purl pkg:deb/debian/syslog-ng@3.1.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gf1-xw2a-dqgq
1
vulnerability VCID-1xzy-xag3-5ybt
2
vulnerability VCID-d3hk-n3x4-dfb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@3.1.3-3
2
url pkg:deb/debian/syslog-ng@3.28.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/syslog-ng@3.28.1-2%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@3.28.1-2%252Bdeb11u1%3Fdistro=trixie
3
url pkg:deb/debian/syslog-ng@3.38.1-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/syslog-ng@3.38.1-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@3.38.1-5%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/syslog-ng@4.8.1-5%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/syslog-ng@4.8.1-5%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@4.8.1-5%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/syslog-ng@4.8.1-7?distro=trixie
purl pkg:deb/debian/syslog-ng@4.8.1-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@4.8.1-7%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/syslog-ng@1.4.0rc3-3
purl pkg:deb/debian/syslog-ng@1.4.0rc3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gf1-xw2a-dqgq
1
vulnerability VCID-1xzy-xag3-5ybt
2
vulnerability VCID-2rmg-7wqe-nqcq
3
vulnerability VCID-8csr-snmd-dqby
4
vulnerability VCID-bfpg-vpax-ryhy
5
vulnerability VCID-c9ef-1f5v-y7b7
6
vulnerability VCID-d3hk-n3x4-dfb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@1.4.0rc3-3
1
url pkg:deb/debian/syslog-ng@1.5.15-1
purl pkg:deb/debian/syslog-ng@1.5.15-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gf1-xw2a-dqgq
1
vulnerability VCID-1xzy-xag3-5ybt
2
vulnerability VCID-2rmg-7wqe-nqcq
3
vulnerability VCID-8csr-snmd-dqby
4
vulnerability VCID-bfpg-vpax-ryhy
5
vulnerability VCID-c9ef-1f5v-y7b7
6
vulnerability VCID-d3hk-n3x4-dfb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@1.5.15-1
2
url pkg:deb/debian/syslog-ng@1.6.5-2.2
purl pkg:deb/debian/syslog-ng@1.6.5-2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gf1-xw2a-dqgq
1
vulnerability VCID-1xzy-xag3-5ybt
2
vulnerability VCID-2rmg-7wqe-nqcq
3
vulnerability VCID-bfpg-vpax-ryhy
4
vulnerability VCID-c9ef-1f5v-y7b7
5
vulnerability VCID-d3hk-n3x4-dfb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@1.6.5-2.2
3
url pkg:deb/debian/syslog-ng@2.0.0-1
purl pkg:deb/debian/syslog-ng@2.0.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gf1-xw2a-dqgq
1
vulnerability VCID-1xzy-xag3-5ybt
2
vulnerability VCID-2rmg-7wqe-nqcq
3
vulnerability VCID-bfpg-vpax-ryhy
4
vulnerability VCID-c9ef-1f5v-y7b7
5
vulnerability VCID-d3hk-n3x4-dfb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@2.0.0-1
4
url pkg:deb/debian/syslog-ng@2.0.0-1etch1
purl pkg:deb/debian/syslog-ng@2.0.0-1etch1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gf1-xw2a-dqgq
1
vulnerability VCID-1xzy-xag3-5ybt
2
vulnerability VCID-2rmg-7wqe-nqcq
3
vulnerability VCID-bfpg-vpax-ryhy
4
vulnerability VCID-c9ef-1f5v-y7b7
5
vulnerability VCID-d3hk-n3x4-dfb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@2.0.0-1etch1
5
url pkg:deb/debian/syslog-ng@2.0.9-4.1
purl pkg:deb/debian/syslog-ng@2.0.9-4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gf1-xw2a-dqgq
1
vulnerability VCID-1xzy-xag3-5ybt
2
vulnerability VCID-2rmg-7wqe-nqcq
3
vulnerability VCID-d3hk-n3x4-dfb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/syslog-ng@2.0.9-4.1
References
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491
reference_id
reference_type
scores
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0343
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13006
published_at 2026-04-18T12:55:00Z
1
value 0.00043
scoring_system epss
scoring_elements 0.13117
published_at 2026-04-01T12:55:00Z
2
value 0.00043
scoring_system epss
scoring_elements 0.13225
published_at 2026-04-02T12:55:00Z
3
value 0.00043
scoring_system epss
scoring_elements 0.13291
published_at 2026-04-04T12:55:00Z
4
value 0.00043
scoring_system epss
scoring_elements 0.13089
published_at 2026-04-07T12:55:00Z
5
value 0.00043
scoring_system epss
scoring_elements 0.13171
published_at 2026-04-08T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13222
published_at 2026-04-09T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.13191
published_at 2026-04-11T12:55:00Z
8
value 0.00043
scoring_system epss
scoring_elements 0.13153
published_at 2026-04-12T12:55:00Z
9
value 0.00043
scoring_system epss
scoring_elements 0.13102
published_at 2026-04-21T12:55:00Z
10
value 0.00043
scoring_system epss
scoring_elements 0.13003
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0343
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0343
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0343
3
reference_url https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
reference_id
reference_type
scores
url https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
4
reference_url https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
reference_id
reference_type
scores
url https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
5
reference_url http://www.securityfocus.com/archive/1/515955/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/515955/100/0/threaded
6
reference_url http://www.securityfocus.com/bid/45988
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/45988
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491
reference_id 608491
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:2.0:*:*:*:open_source:*:*:*
reference_id cpe:2.3:a:oneidentity:syslog-ng:2.0:*:*:*:open_source:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:2.0:*:*:*:open_source:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:2.0:*:*:*:premium:*:*:*
reference_id cpe:2.3:a:oneidentity:syslog-ng:2.0:*:*:*:premium:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:2.0:*:*:*:premium:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.0:*:*:*:open_source:*:*:*
reference_id cpe:2.3:a:oneidentity:syslog-ng:3.0:*:*:*:open_source:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.0:*:*:*:open_source:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.0:*:*:*:premium:*:*:*
reference_id cpe:2.3:a:oneidentity:syslog-ng:3.0:*:*:*:premium:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.0:*:*:*:premium:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.1:*:*:*:open_source:*:*:*
reference_id cpe:2.3:a:oneidentity:syslog-ng:3.1:*:*:*:open_source:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.1:*:*:*:open_source:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.1:*:*:*:premium:*:*:*
reference_id cpe:2.3:a:oneidentity:syslog-ng:3.1:*:*:*:premium:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.1:*:*:*:premium:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.2:*:*:*:open_source:*:*:*
reference_id cpe:2.3:a:oneidentity:syslog-ng:3.2:*:*:*:open_source:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.2:*:*:*:open_source:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.2:*:*:*:premium:*:*:*
reference_id cpe:2.3:a:oneidentity:syslog-ng:3.2:*:*:*:premium:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oneidentity:syslog-ng:3.2:*:*:*:premium:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-0343
reference_id CVE-2011-0343
reference_type
scores
0
value 6.9
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:C/I:C/A:C
url https://nvd.nist.gov/vuln/detail/CVE-2011-0343
Weaknesses
0
cwe_id 264
name Permissions, Privileges, and Access Controls
description Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
Exploits
Severity_range_score6.9 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-2rmg-7wqe-nqcq