Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/%40whyour/qinglong@2.20.0-1
Typenpm
Namespace@whyour
Nameqinglong
Version2.20.0-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-rszg-7hcj-q3aa
vulnerability_id VCID-rszg-7hcj-q3aa
summary 
@whyour/qinglong: manipulation of the argument command leads to protection mechanism failure
A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.20.2 is able to address this issue. The identifier of the patch is 6bec52dca158481258315ba0fc2f11206df7b719. It is advisable to upgrade the affected component. The code maintainer was informed beforehand about the issues. He reacted very fast and highly professional.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3965
reference_id
reference_type
scores
0
value 0.00119
scoring_system epss
scoring_elements 0.3037
published_at 2026-06-07T12:55:00Z
1
value 0.00119
scoring_system epss
scoring_elements 0.30355
published_at 2026-06-09T12:55:00Z
2
value 0.00119
scoring_system epss
scoring_elements 0.30338
published_at 2026-06-08T12:55:00Z
3
value 0.00119
scoring_system epss
scoring_elements 0.30432
published_at 2026-06-05T12:55:00Z
4
value 0.00119
scoring_system epss
scoring_elements 0.30399
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3965
1
reference_url https://github.com/A7cc/cve/issues/6
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
3
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
4
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:27:45Z/
url https://github.com/A7cc/cve/issues/6
2
reference_url https://github.com/A7cc/cve/issues/6#issue-3999235307
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
3
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
4
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:27:45Z/
url https://github.com/A7cc/cve/issues/6#issue-3999235307
3
reference_url https://github.com/whyour/qinglong
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/whyour/qinglong
4
reference_url https://github.com/whyour/qinglong/commit/6bec52dca158481258315ba0fc2f11206df7b719
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
3
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
4
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:27:45Z/
url https://github.com/whyour/qinglong/commit/6bec52dca158481258315ba0fc2f11206df7b719
5
reference_url https://github.com/whyour/qinglong/pull/2941
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
3
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
4
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:27:45Z/
url https://github.com/whyour/qinglong/pull/2941
6
reference_url https://github.com/whyour/qinglong/releases/tag/v2.20.2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
3
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
4
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:27:45Z/
url https://github.com/whyour/qinglong/releases/tag/v2.20.2
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-3965
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-3965
8
reference_url https://vuldb.com/?ctiid.350394
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
3
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
4
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:27:45Z/
url https://vuldb.com/?ctiid.350394
9
reference_url https://vuldb.com/?id.350394
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
3
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
4
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:27:45Z/
url https://vuldb.com/?id.350394
10
reference_url https://vuldb.com/?submit.768861
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
3
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
4
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
5
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:27:45Z/
url https://vuldb.com/?submit.768861
11
reference_url https://github.com/advisories/GHSA-xj37-qjg2-xwv2
reference_id GHSA-xj37-qjg2-xwv2
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xj37-qjg2-xwv2
12
reference_url https://github.com/whyour/qinglong/
reference_id qinglong
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:27:45Z/
url https://github.com/whyour/qinglong/
fixed_packages
0
url pkg:npm/%40whyour/qinglong@2.20.2
purl pkg:npm/%40whyour/qinglong@2.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540whyour/qinglong@2.20.2
aliases CVE-2026-3965, GHSA-xj37-qjg2-xwv2
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rszg-7hcj-q3aa
Fixing_vulnerabilities
Risk_score3.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/%2540whyour/qinglong@2.20.0-1