Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-5ymr-xk84-8uh3
SummaryIn GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.
Aliases
0
alias CVE-2017-15602
Fixed_packages
0
url pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
purl pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.6-1%3Fdistro=trixie
1
url pkg:deb/debian/libextractor@1:1.8-2%2Bdeb10u1
purl pkg:deb/debian/libextractor@1:1.8-2%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tubv-28uu-2uh8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.8-2%252Bdeb10u1
2
url pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
purl pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-2%3Fdistro=trixie
3
url pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
purl pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-7%3Fdistro=trixie
4
url pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
purl pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-8%3Fdistro=trixie
5
url pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
purl pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-10%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/libextractor@0.4.2-2sarge6
purl pkg:deb/debian/libextractor@0.4.2-2sarge6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xdm-2dj5-jkc7
1
vulnerability VCID-1z9b-trb7-2ubp
2
vulnerability VCID-2auw-wc6u-ekcs
3
vulnerability VCID-3bg1-rwze-kuhw
4
vulnerability VCID-4p26-wkq3-v3b2
5
vulnerability VCID-5q1h-7uk2-nkhx
6
vulnerability VCID-5ymr-xk84-8uh3
7
vulnerability VCID-8uds-zs9k-47en
8
vulnerability VCID-ahs6-mesc-yqhm
9
vulnerability VCID-bdsg-x852-wfgn
10
vulnerability VCID-bkr4-sab1-5ka2
11
vulnerability VCID-durs-kj4r-jbf2
12
vulnerability VCID-fct6-695j-t7bs
13
vulnerability VCID-kgk7-hqby-wkez
14
vulnerability VCID-kpcg-4av4-gka8
15
vulnerability VCID-kxcz-d7a4-77e8
16
vulnerability VCID-mg1z-d7y8-dfaj
17
vulnerability VCID-qayv-8u9a-83h4
18
vulnerability VCID-sv3r-4tym-qua5
19
vulnerability VCID-tc8j-82se-qfbk
20
vulnerability VCID-tubv-28uu-2uh8
21
vulnerability VCID-utex-65f9-53cq
22
vulnerability VCID-wpgs-8fw5-wbhe
23
vulnerability VCID-x3k6-yrp9-9ud9
24
vulnerability VCID-xqh5-sxfb-gueh
25
vulnerability VCID-xyab-d3gr-zkdw
26
vulnerability VCID-xzye-g5rw-fyh5
27
vulnerability VCID-ysee-ywmb-zkep
28
vulnerability VCID-zd6d-q8xx-zud6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@0.4.2-2sarge6
1
url pkg:deb/debian/libextractor@0.5.16-2
purl pkg:deb/debian/libextractor@0.5.16-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xdm-2dj5-jkc7
1
vulnerability VCID-2auw-wc6u-ekcs
2
vulnerability VCID-3bg1-rwze-kuhw
3
vulnerability VCID-5ymr-xk84-8uh3
4
vulnerability VCID-ahs6-mesc-yqhm
5
vulnerability VCID-bdsg-x852-wfgn
6
vulnerability VCID-kpcg-4av4-gka8
7
vulnerability VCID-kxcz-d7a4-77e8
8
vulnerability VCID-tc8j-82se-qfbk
9
vulnerability VCID-tubv-28uu-2uh8
10
vulnerability VCID-x3k6-yrp9-9ud9
11
vulnerability VCID-xyab-d3gr-zkdw
12
vulnerability VCID-xzye-g5rw-fyh5
13
vulnerability VCID-zd6d-q8xx-zud6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@0.5.16-2
2
url pkg:deb/debian/libextractor@0.5.20c-1
purl pkg:deb/debian/libextractor@0.5.20c-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xdm-2dj5-jkc7
1
vulnerability VCID-2auw-wc6u-ekcs
2
vulnerability VCID-3bg1-rwze-kuhw
3
vulnerability VCID-5ymr-xk84-8uh3
4
vulnerability VCID-ahs6-mesc-yqhm
5
vulnerability VCID-bdsg-x852-wfgn
6
vulnerability VCID-kpcg-4av4-gka8
7
vulnerability VCID-kxcz-d7a4-77e8
8
vulnerability VCID-tc8j-82se-qfbk
9
vulnerability VCID-tubv-28uu-2uh8
10
vulnerability VCID-x3k6-yrp9-9ud9
11
vulnerability VCID-xyab-d3gr-zkdw
12
vulnerability VCID-xzye-g5rw-fyh5
13
vulnerability VCID-zd6d-q8xx-zud6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@0.5.20c-1
3
url pkg:deb/debian/libextractor@1:0.5.23%2Bdfsg-7
purl pkg:deb/debian/libextractor@1:0.5.23%2Bdfsg-7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xdm-2dj5-jkc7
1
vulnerability VCID-2auw-wc6u-ekcs
2
vulnerability VCID-3bg1-rwze-kuhw
3
vulnerability VCID-5ymr-xk84-8uh3
4
vulnerability VCID-ahs6-mesc-yqhm
5
vulnerability VCID-bdsg-x852-wfgn
6
vulnerability VCID-kpcg-4av4-gka8
7
vulnerability VCID-kxcz-d7a4-77e8
8
vulnerability VCID-tc8j-82se-qfbk
9
vulnerability VCID-tubv-28uu-2uh8
10
vulnerability VCID-x3k6-yrp9-9ud9
11
vulnerability VCID-xyab-d3gr-zkdw
12
vulnerability VCID-zd6d-q8xx-zud6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:0.5.23%252Bdfsg-7
4
url pkg:deb/debian/libextractor@1:0.6.3-5
purl pkg:deb/debian/libextractor@1:0.6.3-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xdm-2dj5-jkc7
1
vulnerability VCID-2auw-wc6u-ekcs
2
vulnerability VCID-3bg1-rwze-kuhw
3
vulnerability VCID-5ymr-xk84-8uh3
4
vulnerability VCID-ahs6-mesc-yqhm
5
vulnerability VCID-bdsg-x852-wfgn
6
vulnerability VCID-kpcg-4av4-gka8
7
vulnerability VCID-kxcz-d7a4-77e8
8
vulnerability VCID-tc8j-82se-qfbk
9
vulnerability VCID-tubv-28uu-2uh8
10
vulnerability VCID-x3k6-yrp9-9ud9
11
vulnerability VCID-xyab-d3gr-zkdw
12
vulnerability VCID-zd6d-q8xx-zud6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:0.6.3-5
5
url pkg:deb/debian/libextractor@1:1.3-2
purl pkg:deb/debian/libextractor@1:1.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xdm-2dj5-jkc7
1
vulnerability VCID-2auw-wc6u-ekcs
2
vulnerability VCID-3bg1-rwze-kuhw
3
vulnerability VCID-5ymr-xk84-8uh3
4
vulnerability VCID-ahs6-mesc-yqhm
5
vulnerability VCID-bdsg-x852-wfgn
6
vulnerability VCID-kpcg-4av4-gka8
7
vulnerability VCID-kxcz-d7a4-77e8
8
vulnerability VCID-tc8j-82se-qfbk
9
vulnerability VCID-tubv-28uu-2uh8
10
vulnerability VCID-x3k6-yrp9-9ud9
11
vulnerability VCID-xyab-d3gr-zkdw
12
vulnerability VCID-zd6d-q8xx-zud6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.3-2
6
url pkg:deb/debian/libextractor@1:1.3-2%2Bdeb8u1
purl pkg:deb/debian/libextractor@1:1.3-2%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xdm-2dj5-jkc7
1
vulnerability VCID-2auw-wc6u-ekcs
2
vulnerability VCID-3bg1-rwze-kuhw
3
vulnerability VCID-5ymr-xk84-8uh3
4
vulnerability VCID-ahs6-mesc-yqhm
5
vulnerability VCID-bdsg-x852-wfgn
6
vulnerability VCID-kpcg-4av4-gka8
7
vulnerability VCID-kxcz-d7a4-77e8
8
vulnerability VCID-tc8j-82se-qfbk
9
vulnerability VCID-tubv-28uu-2uh8
10
vulnerability VCID-x3k6-yrp9-9ud9
11
vulnerability VCID-xyab-d3gr-zkdw
12
vulnerability VCID-zd6d-q8xx-zud6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.3-2%252Bdeb8u1
7
url pkg:deb/debian/libextractor@1:1.3-4%2Bdeb9u3
purl pkg:deb/debian/libextractor@1:1.3-4%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xdm-2dj5-jkc7
1
vulnerability VCID-2auw-wc6u-ekcs
2
vulnerability VCID-3bg1-rwze-kuhw
3
vulnerability VCID-5ymr-xk84-8uh3
4
vulnerability VCID-ahs6-mesc-yqhm
5
vulnerability VCID-bdsg-x852-wfgn
6
vulnerability VCID-kpcg-4av4-gka8
7
vulnerability VCID-kxcz-d7a4-77e8
8
vulnerability VCID-tc8j-82se-qfbk
9
vulnerability VCID-tubv-28uu-2uh8
10
vulnerability VCID-x3k6-yrp9-9ud9
11
vulnerability VCID-xyab-d3gr-zkdw
12
vulnerability VCID-zd6d-q8xx-zud6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.3-4%252Bdeb9u3
References
0
reference_url http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html
reference_id
reference_type
scores
url http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15602
reference_id
reference_type
scores
0
value 0.00408
scoring_system epss
scoring_elements 0.61235
published_at 2026-04-16T12:55:00Z
1
value 0.00408
scoring_system epss
scoring_elements 0.61195
published_at 2026-04-13T12:55:00Z
2
value 0.00408
scoring_system epss
scoring_elements 0.61073
published_at 2026-04-01T12:55:00Z
3
value 0.00408
scoring_system epss
scoring_elements 0.61151
published_at 2026-04-02T12:55:00Z
4
value 0.00408
scoring_system epss
scoring_elements 0.61179
published_at 2026-04-04T12:55:00Z
5
value 0.00408
scoring_system epss
scoring_elements 0.61144
published_at 2026-04-07T12:55:00Z
6
value 0.00408
scoring_system epss
scoring_elements 0.61192
published_at 2026-04-08T12:55:00Z
7
value 0.00408
scoring_system epss
scoring_elements 0.61207
published_at 2026-04-09T12:55:00Z
8
value 0.00408
scoring_system epss
scoring_elements 0.61227
published_at 2026-04-11T12:55:00Z
9
value 0.00408
scoring_system epss
scoring_elements 0.61214
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15602
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15602
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15602
3
reference_url https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz
reference_id
reference_type
scores
url https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz
4
reference_url https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gnu:libextractor:1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-15602
reference_id CVE-2017-15602
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-15602
7
reference_url https://usn.ubuntu.com/4641-1/
reference_id USN-4641-1
reference_type
scores
url https://usn.ubuntu.com/4641-1/
Weaknesses
0
cwe_id 835
name Loop with Unreachable Exit Condition ('Infinite Loop')
description The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Exploits
Severity_range_score5.0 - 7.5
Exploitability0.5
Weighted_severity6.8
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-5ymr-xk84-8uh3