Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.0
Typenuget
Namespace
NameMicrosoft.NetCore.App.Runtime.linux-arm64
Version10.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-6var-2f21-13cd
vulnerability_id VCID-6var-2f21-13cd
summary 
.NET Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0 and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A denial of service vulnerability exists in .NET and Microsoft.Bcl.Memory due to an out-of-bounds read when decoding malformed Base64Url input.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26127.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26127.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26127
reference_id
reference_type
scores
0
value 0.001
scoring_system epss
scoring_elements 0.27148
published_at 2026-06-08T12:55:00Z
1
value 0.001
scoring_system epss
scoring_elements 0.27289
published_at 2026-06-05T12:55:00Z
2
value 0.001
scoring_system epss
scoring_elements 0.27237
published_at 2026-06-06T12:55:00Z
3
value 0.001
scoring_system epss
scoring_elements 0.27196
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26127
2
reference_url https://github.com/dotnet/runtime
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2446098
reference_id 2446098
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2446098
4
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127
reference_id CVE-2026-26127
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T18:01:20Z/
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26127
reference_id CVE-2026-26127
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26127
6
reference_url https://github.com/advisories/GHSA-73j8-2gch-69rq
reference_id GHSA-73j8-2gch-69rq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-73j8-2gch-69rq
7
reference_url https://github.com/dotnet/runtime/security/advisories/GHSA-73j8-2gch-69rq
reference_id GHSA-73j8-2gch-69rq
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime/security/advisories/GHSA-73j8-2gch-69rq
8
reference_url https://access.redhat.com/errata/RHSA-2026:10083
reference_id RHSA-2026:10083
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10083
9
reference_url https://access.redhat.com/errata/RHSA-2026:10085
reference_id RHSA-2026:10085
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10085
10
reference_url https://access.redhat.com/errata/RHSA-2026:4443
reference_id RHSA-2026:4443
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4443
11
reference_url https://access.redhat.com/errata/RHSA-2026:4445
reference_id RHSA-2026:4445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4445
12
reference_url https://access.redhat.com/errata/RHSA-2026:4450
reference_id RHSA-2026:4450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4450
13
reference_url https://access.redhat.com/errata/RHSA-2026:4453
reference_id RHSA-2026:4453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4453
14
reference_url https://access.redhat.com/errata/RHSA-2026:4456
reference_id RHSA-2026:4456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4456
15
reference_url https://access.redhat.com/errata/RHSA-2026:4458
reference_id RHSA-2026:4458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4458
16
reference_url https://usn.ubuntu.com/8085-1/
reference_id USN-8085-1
reference_type
scores
url https://usn.ubuntu.com/8085-1/
fixed_packages
0
url pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
purl pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
aliases CVE-2026-26127, GHSA-73j8-2gch-69rq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6var-2f21-13cd
1
url VCID-9uun-xxhj-fuee
vulnerability_id VCID-9uun-xxhj-fuee
summary 
.NET Elevation of Privilege Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

An elevation of privilege vulnerability exists in .NET due to improper authorization. Incorrect packaging permissions could allow an attacker to gain elevated privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26131.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26131.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26131
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07258
published_at 2026-06-08T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.0732
published_at 2026-06-05T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07325
published_at 2026-06-06T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07302
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26131
2
reference_url https://github.com/dotnet/runtime
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2446069
reference_id 2446069
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2446069
4
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-11T03:55:27Z/
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
6
reference_url https://github.com/advisories/GHSA-crjq-wm6x-6qx7
reference_id GHSA-crjq-wm6x-6qx7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-crjq-wm6x-6qx7
7
reference_url https://github.com/dotnet/runtime/security/advisories/GHSA-crjq-wm6x-6qx7
reference_id GHSA-crjq-wm6x-6qx7
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime/security/advisories/GHSA-crjq-wm6x-6qx7
8
reference_url https://access.redhat.com/errata/RHSA-2026:9077
reference_id RHSA-2026:9077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9077
fixed_packages
0
url pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
purl pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
aliases CVE-2026-26131, GHSA-crjq-wm6x-6qx7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9uun-xxhj-fuee
2
url VCID-bdur-f6gy-jbbf
vulnerability_id VCID-bdur-f6gy-jbbf
summary dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32178.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32178.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32178
reference_id
reference_type
scores
0
value 0.00057
scoring_system epss
scoring_elements 0.18178
published_at 2026-06-08T12:55:00Z
1
value 0.00057
scoring_system epss
scoring_elements 0.18285
published_at 2026-06-05T12:55:00Z
2
value 0.00057
scoring_system epss
scoring_elements 0.18289
published_at 2026-06-06T12:55:00Z
3
value 0.00057
scoring_system epss
scoring_elements 0.18252
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32178
2
reference_url https://github.com/dotnet/announcements/issues/12345
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/announcements/issues/12345
3
reference_url https://github.com/dotnet/runtime
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime
4
reference_url https://github.com/dotnet/runtime/security/advisories/GHSA-vmwf-m9c5-3jvc
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime/security/advisories/GHSA-vmwf-m9c5-3jvc
5
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32178
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T10:40:37Z/
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32178
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32178
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32178
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457781
reference_id 2457781
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457781
8
reference_url https://github.com/advisories/GHSA-vmwf-m9c5-3jvc
reference_id GHSA-vmwf-m9c5-3jvc
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vmwf-m9c5-3jvc
9
reference_url https://access.redhat.com/errata/RHSA-2026:13280
reference_id RHSA-2026:13280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13280
10
reference_url https://access.redhat.com/errata/RHSA-2026:13281
reference_id RHSA-2026:13281
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13281
11
reference_url https://access.redhat.com/errata/RHSA-2026:13282
reference_id RHSA-2026:13282
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13282
12
reference_url https://access.redhat.com/errata/RHSA-2026:13283
reference_id RHSA-2026:13283
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13283
13
reference_url https://access.redhat.com/errata/RHSA-2026:13693
reference_id RHSA-2026:13693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13693
14
reference_url https://access.redhat.com/errata/RHSA-2026:8467
reference_id RHSA-2026:8467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8467
15
reference_url https://access.redhat.com/errata/RHSA-2026:8468
reference_id RHSA-2026:8468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8468
16
reference_url https://access.redhat.com/errata/RHSA-2026:8469
reference_id RHSA-2026:8469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8469
17
reference_url https://access.redhat.com/errata/RHSA-2026:8470
reference_id RHSA-2026:8470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8470
18
reference_url https://access.redhat.com/errata/RHSA-2026:8471
reference_id RHSA-2026:8471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8471
19
reference_url https://access.redhat.com/errata/RHSA-2026:8472
reference_id RHSA-2026:8472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8472
20
reference_url https://access.redhat.com/errata/RHSA-2026:8473
reference_id RHSA-2026:8473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8473
21
reference_url https://access.redhat.com/errata/RHSA-2026:8474
reference_id RHSA-2026:8474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8474
22
reference_url https://access.redhat.com/errata/RHSA-2026:8475
reference_id RHSA-2026:8475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8475
23
reference_url https://access.redhat.com/errata/RHSA-2026:9077
reference_id RHSA-2026:9077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9077
24
reference_url https://access.redhat.com/errata/RHSA-2026:9080
reference_id RHSA-2026:9080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9080
25
reference_url https://access.redhat.com/errata/RHSA-2026:9205
reference_id RHSA-2026:9205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9205
26
reference_url https://usn.ubuntu.com/8176-1/
reference_id USN-8176-1
reference_type
scores
url https://usn.ubuntu.com/8176-1/
27
reference_url https://usn.ubuntu.com/8216-1/
reference_id USN-8216-1
reference_type
scores
url https://usn.ubuntu.com/8216-1/
fixed_packages
0
url pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.6
purl pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.6
aliases CVE-2026-32178, GHSA-vmwf-m9c5-3jvc
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bdur-f6gy-jbbf
3
url VCID-rrdb-9frq-myay
vulnerability_id VCID-rrdb-9frq-myay
summary 
Duplicate Advisory: Microsoft Security Advisory CVE-2026-26131 – .NET Elevation of Privilege Vulnerability
### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-crjq-wm6x-6qx7. This link is maintained to preserve external references.

### Original Description

Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.
references
0
reference_url https://github.com/dotnet/dotnet
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/dotnet
1
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
3
reference_url https://github.com/advisories/GHSA-387c-qmrw-59qv
reference_id GHSA-387c-qmrw-59qv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-387c-qmrw-59qv
fixed_packages
0
url pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
purl pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
aliases GHSA-387c-qmrw-59qv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rrdb-9frq-myay
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.0