Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/dotnet8-runtime@8.0.21-r0?arch=armhf&distroversion=v3.24&reponame=community

Type apk

Namespace alpine

Name dotnet8-runtime

Version 8.0.21-r0

Qualifiers

arch	armhf
distroversion	v3.24
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 8.0.24-r0

Latest_non_vulnerable_version 8.0.27-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-556r-ermp-uqe3

vulnerability_id VCID-556r-ermp-uqe3

summary Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55248.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55248.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-55248

reference_id

reference_type

scores

value	0.00033
scoring_system	epss
scoring_elements	0.10239
published_at	2026-06-11T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.10288
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-55248

reference_url

https://github.com/dotnet/announcements/issues/372

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/372

reference_url

https://github.com/dotnet/runtime

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime

reference_url

https://github.com/dotnet/runtime/issues/120713

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime/issues/120713

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2403083
reference_id	2403083
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2403083

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55248

reference_id

CVE-2025-55248

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T19:18:38Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55248

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2025-55248
reference_id	CVE-2025-55248
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2025-55248

reference_url

https://github.com/advisories/GHSA-gwq6-fmvp-qp68

reference_id

GHSA-gwq6-fmvp-qp68

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gwq6-fmvp-qp68

reference_url

https://github.com/dotnet/runtime/security/advisories/GHSA-gwq6-fmvp-qp68

reference_id

GHSA-gwq6-fmvp-qp68

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime/security/advisories/GHSA-gwq6-fmvp-qp68

reference_url	https://access.redhat.com/errata/RHSA-2025:18148
reference_id	RHSA-2025:18148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18148

reference_url	https://access.redhat.com/errata/RHSA-2025:18149
reference_id	RHSA-2025:18149
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18149

reference_url	https://access.redhat.com/errata/RHSA-2025:18150
reference_id	RHSA-2025:18150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18150

reference_url	https://access.redhat.com/errata/RHSA-2025:18151
reference_id	RHSA-2025:18151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18151

reference_url	https://access.redhat.com/errata/RHSA-2025:18152
reference_id	RHSA-2025:18152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18152

reference_url	https://access.redhat.com/errata/RHSA-2025:18153
reference_id	RHSA-2025:18153
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18153

reference_url	https://access.redhat.com/errata/RHSA-2025:18256
reference_id	RHSA-2025:18256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18256

reference_url	https://access.redhat.com/errata/RHSA-2025:23225
reference_id	RHSA-2025:23225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23225

reference_url	https://access.redhat.com/errata/RHSA-2026:9080
reference_id	RHSA-2026:9080
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9080

reference_url	https://access.redhat.com/errata/RHSA-2026:9205
reference_id	RHSA-2026:9205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9205

reference_url	https://usn.ubuntu.com/7822-1/
reference_id	USN-7822-1
reference_type
scores
url	https://usn.ubuntu.com/7822-1/

fixed_packages

url	pkg:apk/alpine/dotnet8-runtime@8.0.21-r0?arch=armhf&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/dotnet8-runtime@8.0.21-r0?arch=armhf&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.21-r0%3Farch=armhf&distroversion=v3.24&reponame=community

aliases CVE-2025-55248, GHSA-gwq6-fmvp-qp68

risk_score 3.7

exploitability 0.5

weighted_severity 7.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-556r-ermp-uqe3

url VCID-tvtm-28hn-37aj

vulnerability_id VCID-tvtm-28hn-37aj

summary Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55247.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55247.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-55247

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.05306
published_at	2026-06-11T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05322
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-55247

reference_url

https://github.com/dotnet/msbuild

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/msbuild

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2403086
reference_id	2403086
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2403086

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55247

reference_id

CVE-2025-55247

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:49:15Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55247

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-55247

reference_id

CVE-2025-55247

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-55247

reference_url

https://github.com/advisories/GHSA-w3q9-fxm7-j8fq

reference_id

GHSA-w3q9-fxm7-j8fq

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w3q9-fxm7-j8fq

reference_url

https://github.com/dotnet/msbuild/security/advisories/GHSA-w3q9-fxm7-j8fq

reference_id

GHSA-w3q9-fxm7-j8fq

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/msbuild/security/advisories/GHSA-w3q9-fxm7-j8fq

reference_url	https://access.redhat.com/errata/RHSA-2025:18148
reference_id	RHSA-2025:18148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18148

reference_url	https://access.redhat.com/errata/RHSA-2025:18149
reference_id	RHSA-2025:18149
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18149

reference_url	https://access.redhat.com/errata/RHSA-2025:18150
reference_id	RHSA-2025:18150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18150

reference_url	https://access.redhat.com/errata/RHSA-2025:18151
reference_id	RHSA-2025:18151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18151

reference_url	https://access.redhat.com/errata/RHSA-2025:18152
reference_id	RHSA-2025:18152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18152

reference_url	https://access.redhat.com/errata/RHSA-2025:18153
reference_id	RHSA-2025:18153
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18153

reference_url	https://access.redhat.com/errata/RHSA-2025:18256
reference_id	RHSA-2025:18256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18256

reference_url	https://access.redhat.com/errata/RHSA-2025:23225
reference_id	RHSA-2025:23225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23225

reference_url	https://access.redhat.com/errata/RHSA-2026:9080
reference_id	RHSA-2026:9080
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9080

reference_url	https://access.redhat.com/errata/RHSA-2026:9205
reference_id	RHSA-2026:9205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9205

reference_url	https://usn.ubuntu.com/7822-1/
reference_id	USN-7822-1
reference_type
scores
url	https://usn.ubuntu.com/7822-1/

fixed_packages

url	pkg:apk/alpine/dotnet8-runtime@8.0.21-r0?arch=armhf&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/dotnet8-runtime@8.0.21-r0?arch=armhf&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.21-r0%3Farch=armhf&distroversion=v3.24&reponame=community

aliases CVE-2025-55247, GHSA-w3q9-fxm7-j8fq

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tvtm-28hn-37aj

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.21-r0%3Farch=armhf&distroversion=v3.24&reponame=community

Package Instance