Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-wbqh-dpwk-pfgd

Summary tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13.

Aliases

alias	CVE-2016-10271

Fixed_packages

url	pkg:deb/debian/tiff@4.0.7-2?distro=trixie
purl	pkg:deb/debian/tiff@4.0.7-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-2%3Fdistro=trixie

url pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

purl pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qdp-vzrd-uqgc

vulnerability	VCID-5zvp-ysut-juep

vulnerability	VCID-6hf4-rc1a-pbg6

vulnerability	VCID-6v96-k8cs-13f7

vulnerability	VCID-92dt-g6m8-fufk

vulnerability	VCID-anfx-xj8v-kfg8

vulnerability	VCID-c7nt-5d64-kkev

vulnerability	VCID-d52s-g5c7-qka3

vulnerability	VCID-fbks-9s7e-wfcj

vulnerability	VCID-gyvd-4m8g-jkdu

vulnerability	VCID-hhgz-j76b-k7d4

vulnerability	VCID-kxdc-8rht-vfdy

vulnerability	VCID-n3p5-9ykg-sufd

vulnerability	VCID-nwgs-pqj7-xkbs

vulnerability	VCID-su9v-ewt3-6ua8

vulnerability	VCID-xg35-8jbc-wqa4

vulnerability	VCID-xms6-c2j7-hfh8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie

url pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie

purl pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qdp-vzrd-uqgc

vulnerability	VCID-5zvp-ysut-juep

vulnerability	VCID-6hf4-rc1a-pbg6

vulnerability	VCID-6v96-k8cs-13f7

vulnerability	VCID-92dt-g6m8-fufk

vulnerability	VCID-c7nt-5d64-kkev

vulnerability	VCID-cpk7-uyvf-3kb6

vulnerability	VCID-d52s-g5c7-qka3

vulnerability	VCID-fbks-9s7e-wfcj

vulnerability	VCID-gyvd-4m8g-jkdu

vulnerability	VCID-kxdc-8rht-vfdy

vulnerability	VCID-n3p5-9ykg-sufd

vulnerability	VCID-nwgs-pqj7-xkbs

vulnerability	VCID-su9v-ewt3-6ua8

vulnerability	VCID-xg35-8jbc-wqa4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qdp-vzrd-uqgc

vulnerability	VCID-6hf4-rc1a-pbg6

vulnerability	VCID-92dt-g6m8-fufk

vulnerability	VCID-fbks-9s7e-wfcj

vulnerability	VCID-n3p5-9ykg-sufd

vulnerability	VCID-su9v-ewt3-6ua8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
purl	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie

Affected_packages

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10271.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10271.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10271

reference_id

reference_type

scores

value	0.00419
scoring_system	epss
scoring_elements	0.62226
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10271

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1438453
reference_id	1438453
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1438453

Weaknesses

cwe_id	122
name	Heap-based Buffer Overflow
description	A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Exploits

Severity_range_score 3.3 - 3.3

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wbqh-dpwk-pfgd

Vulnerability Instance