Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.3
Typenuget
Namespace
NameMicrosoft.NetCore.App.Runtime.linux-arm64
Version10.0.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-6var-2f21-13cd
vulnerability_id VCID-6var-2f21-13cd
summary 
.NET Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0 and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A denial of service vulnerability exists in .NET and Microsoft.Bcl.Memory due to an out-of-bounds read when decoding malformed Base64Url input.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26127.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26127.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26127
reference_id
reference_type
scores
0
value 0.001
scoring_system epss
scoring_elements 0.27148
published_at 2026-06-08T12:55:00Z
1
value 0.001
scoring_system epss
scoring_elements 0.27289
published_at 2026-06-05T12:55:00Z
2
value 0.001
scoring_system epss
scoring_elements 0.27237
published_at 2026-06-06T12:55:00Z
3
value 0.001
scoring_system epss
scoring_elements 0.27196
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26127
2
reference_url https://github.com/dotnet/runtime
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2446098
reference_id 2446098
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2446098
4
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127
reference_id CVE-2026-26127
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T18:01:20Z/
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26127
reference_id CVE-2026-26127
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26127
6
reference_url https://github.com/advisories/GHSA-73j8-2gch-69rq
reference_id GHSA-73j8-2gch-69rq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-73j8-2gch-69rq
7
reference_url https://github.com/dotnet/runtime/security/advisories/GHSA-73j8-2gch-69rq
reference_id GHSA-73j8-2gch-69rq
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime/security/advisories/GHSA-73j8-2gch-69rq
8
reference_url https://access.redhat.com/errata/RHSA-2026:10083
reference_id RHSA-2026:10083
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10083
9
reference_url https://access.redhat.com/errata/RHSA-2026:10085
reference_id RHSA-2026:10085
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10085
10
reference_url https://access.redhat.com/errata/RHSA-2026:4443
reference_id RHSA-2026:4443
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4443
11
reference_url https://access.redhat.com/errata/RHSA-2026:4445
reference_id RHSA-2026:4445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4445
12
reference_url https://access.redhat.com/errata/RHSA-2026:4450
reference_id RHSA-2026:4450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4450
13
reference_url https://access.redhat.com/errata/RHSA-2026:4453
reference_id RHSA-2026:4453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4453
14
reference_url https://access.redhat.com/errata/RHSA-2026:4456
reference_id RHSA-2026:4456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4456
15
reference_url https://access.redhat.com/errata/RHSA-2026:4458
reference_id RHSA-2026:4458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4458
16
reference_url https://usn.ubuntu.com/8085-1/
reference_id USN-8085-1
reference_type
scores
url https://usn.ubuntu.com/8085-1/
fixed_packages
0
url pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
purl pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
aliases CVE-2026-26127, GHSA-73j8-2gch-69rq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6var-2f21-13cd
1
url VCID-9uun-xxhj-fuee
vulnerability_id VCID-9uun-xxhj-fuee
summary 
.NET Elevation of Privilege Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

An elevation of privilege vulnerability exists in .NET due to improper authorization. Incorrect packaging permissions could allow an attacker to gain elevated privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26131.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26131.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26131
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07258
published_at 2026-06-08T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.0732
published_at 2026-06-05T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07325
published_at 2026-06-06T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07302
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26131
2
reference_url https://github.com/dotnet/runtime
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2446069
reference_id 2446069
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2446069
4
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-11T03:55:27Z/
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
6
reference_url https://github.com/advisories/GHSA-crjq-wm6x-6qx7
reference_id GHSA-crjq-wm6x-6qx7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-crjq-wm6x-6qx7
7
reference_url https://github.com/dotnet/runtime/security/advisories/GHSA-crjq-wm6x-6qx7
reference_id GHSA-crjq-wm6x-6qx7
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/runtime/security/advisories/GHSA-crjq-wm6x-6qx7
8
reference_url https://access.redhat.com/errata/RHSA-2026:9077
reference_id RHSA-2026:9077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9077
fixed_packages
0
url pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
purl pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
aliases CVE-2026-26131, GHSA-crjq-wm6x-6qx7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9uun-xxhj-fuee
2
url VCID-rrdb-9frq-myay
vulnerability_id VCID-rrdb-9frq-myay
summary 
Duplicate Advisory: Microsoft Security Advisory CVE-2026-26131 – .NET Elevation of Privilege Vulnerability
### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-crjq-wm6x-6qx7. This link is maintained to preserve external references.

### Original Description

Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.
references
0
reference_url https://github.com/dotnet/dotnet
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/dotnet
1
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26131
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
reference_id CVE-2026-26131
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26131
3
reference_url https://github.com/advisories/GHSA-387c-qmrw-59qv
reference_id GHSA-387c-qmrw-59qv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-387c-qmrw-59qv
fixed_packages
0
url pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
purl pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.4
aliases GHSA-387c-qmrw-59qv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rrdb-9frq-myay
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.linux-arm64@10.0.3