Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-95mh-919w-43as
Summarysecurity update
Aliases
0
alias CVE-2023-52076
Fixed_packages
0
url pkg:deb/debian/atril@1.24.0-1%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/atril@1.24.0-1%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.24.0-1%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/atril@1.24.0-1%2Bdeb11u1
purl pkg:deb/debian/atril@1.24.0-1%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.24.0-1%252Bdeb11u1
2
url pkg:deb/debian/atril@1.26.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/atril@1.26.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.26.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/atril@1.26.2-1?distro=trixie
purl pkg:deb/debian/atril@1.26.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.26.2-1%3Fdistro=trixie
4
url pkg:deb/debian/atril@1.26.2-4?distro=trixie
purl pkg:deb/debian/atril@1.26.2-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.26.2-4%3Fdistro=trixie
5
url pkg:deb/debian/atril@1.28.2-1?distro=trixie
purl pkg:deb/debian/atril@1.28.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.28.2-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/atril@1.8.0%2Bdfsg1-2~bpo70%2B1
purl pkg:deb/debian/atril@1.8.0%2Bdfsg1-2~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19yj-kyhq-c7cc
1
vulnerability VCID-8ern-kbeb-j3e2
2
vulnerability VCID-95mh-919w-43as
3
vulnerability VCID-p3a2-3n7h-gugk
4
vulnerability VCID-uvmx-ktr5-jkg2
5
vulnerability VCID-v24q-8eqq-17ak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.8.0%252Bdfsg1-2~bpo70%252B1
1
url pkg:deb/debian/atril@1.8.1%2Bdfsg1-4
purl pkg:deb/debian/atril@1.8.1%2Bdfsg1-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19yj-kyhq-c7cc
1
vulnerability VCID-8ern-kbeb-j3e2
2
vulnerability VCID-95mh-919w-43as
3
vulnerability VCID-p3a2-3n7h-gugk
4
vulnerability VCID-uvmx-ktr5-jkg2
5
vulnerability VCID-v24q-8eqq-17ak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.8.1%252Bdfsg1-4
2
url pkg:deb/debian/atril@1.8.1%2Bdfsg1-4%2Bdeb8u1
purl pkg:deb/debian/atril@1.8.1%2Bdfsg1-4%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19yj-kyhq-c7cc
1
vulnerability VCID-8ern-kbeb-j3e2
2
vulnerability VCID-95mh-919w-43as
3
vulnerability VCID-p3a2-3n7h-gugk
4
vulnerability VCID-uvmx-ktr5-jkg2
5
vulnerability VCID-v24q-8eqq-17ak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.8.1%252Bdfsg1-4%252Bdeb8u1
3
url pkg:deb/debian/atril@1.16.1-2%2Bdeb9u2
purl pkg:deb/debian/atril@1.16.1-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19yj-kyhq-c7cc
1
vulnerability VCID-8ern-kbeb-j3e2
2
vulnerability VCID-95mh-919w-43as
3
vulnerability VCID-p3a2-3n7h-gugk
4
vulnerability VCID-uvmx-ktr5-jkg2
5
vulnerability VCID-v24q-8eqq-17ak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.16.1-2%252Bdeb9u2
4
url pkg:deb/debian/atril@1.20.3-1%2Bdeb10u1
purl pkg:deb/debian/atril@1.20.3-1%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ern-kbeb-j3e2
1
vulnerability VCID-95mh-919w-43as
2
vulnerability VCID-p3a2-3n7h-gugk
3
vulnerability VCID-v24q-8eqq-17ak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/atril@1.20.3-1%252Bdeb10u1
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-52076
reference_id
reference_type
scores
0
value 0.11348
scoring_system epss
scoring_elements 0.93521
published_at 2026-04-02T12:55:00Z
1
value 0.11348
scoring_system epss
scoring_elements 0.93528
published_at 2026-04-07T12:55:00Z
2
value 0.11348
scoring_system epss
scoring_elements 0.93536
published_at 2026-04-08T12:55:00Z
3
value 0.11348
scoring_system epss
scoring_elements 0.93539
published_at 2026-04-09T12:55:00Z
4
value 0.11348
scoring_system epss
scoring_elements 0.93545
published_at 2026-04-13T12:55:00Z
5
value 0.11348
scoring_system epss
scoring_elements 0.93565
published_at 2026-04-16T12:55:00Z
6
value 0.11348
scoring_system epss
scoring_elements 0.9357
published_at 2026-04-18T12:55:00Z
7
value 0.11348
scoring_system epss
scoring_elements 0.93576
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-52076
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52076
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061522
reference_id 1061522
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061522
3
reference_url https://github.com/mate-desktop/atril/commit/e70b21c815418a1e6ebedf6d8d31b8477c03ba50
reference_id e70b21c815418a1e6ebedf6d8d31b8477c03ba50
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-01-25T20:55:51Z/
url https://github.com/mate-desktop/atril/commit/e70b21c815418a1e6ebedf6d8d31b8477c03ba50
4
reference_url https://github.com/mate-desktop/atril/security/advisories/GHSA-6mf6-mxpc-jc37
reference_id GHSA-6mf6-mxpc-jc37
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-01-25T20:55:51Z/
url https://github.com/mate-desktop/atril/security/advisories/GHSA-6mf6-mxpc-jc37
5
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00003.html
reference_id msg00003.html
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-01-25T20:55:51Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00003.html
6
reference_url https://usn.ubuntu.com/6808-1/
reference_id USN-6808-1
reference_type
scores
url https://usn.ubuntu.com/6808-1/
7
reference_url https://github.com/mate-desktop/atril/releases/tag/v1.26.2
reference_id v1.26.2
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-01-25T20:55:51Z/
url https://github.com/mate-desktop/atril/releases/tag/v1.26.2
Weaknesses
0
cwe_id 22
name Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
description The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
1
cwe_id 24
name Path Traversal: '../filedir'
description The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize ../ sequences that can resolve to a location that is outside of that directory.
2
cwe_id 25
name Path Traversal: '/../filedir'
description The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize /../ sequences that can resolve to a location that is outside of that directory.
3
cwe_id 27
name Path Traversal: 'dir/../../filename'
description The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize multiple internal ../ sequences that can resolve to a location that is outside of that directory.
Exploits
Severity_range_score8.5 - 8.5
Exploitability0.5
Weighted_severity7.7
Risk_score3.9
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-95mh-919w-43as