Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-nv7m-hsr3-17gk
SummaryA regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to.
Aliases
0
alias CVE-2025-27236
Fixed_packages
0
url pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1
purl pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1
1
url pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie
2
url pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1
purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18kh-njx3-p7aw
1
vulnerability VCID-21tq-54r3-cqec
2
vulnerability VCID-35gu-ctk8-2yd2
3
vulnerability VCID-3azv-fsyx-n3fz
4
vulnerability VCID-4c5a-bddp-pka5
5
vulnerability VCID-53f2-uzt4-pqgs
6
vulnerability VCID-5t3t-6uqs-akbk
7
vulnerability VCID-5wgt-e67m-ffah
8
vulnerability VCID-75fb-vhhc-fbe8
9
vulnerability VCID-8eb9-mxpg-5kf2
10
vulnerability VCID-8zqh-3xt2-nbdq
11
vulnerability VCID-ambh-afzs-2kg9
12
vulnerability VCID-bff2-nhum-ckhj
13
vulnerability VCID-bm7b-qurk-2qdk
14
vulnerability VCID-buz8-zycr-tbh2
15
vulnerability VCID-dr1v-72p6-2yhn
16
vulnerability VCID-fefk-6mjh-67fm
17
vulnerability VCID-frdw-trch-uufq
18
vulnerability VCID-gapt-kwkw-kkek
19
vulnerability VCID-gda8-xx5v-u7g2
20
vulnerability VCID-gj5s-dde8-1ubx
21
vulnerability VCID-h5fw-ktc6-rqd3
22
vulnerability VCID-hhsz-ba47-zka4
23
vulnerability VCID-jate-jey2-n3g1
24
vulnerability VCID-jcd1-hyep-c3h3
25
vulnerability VCID-jked-29nn-tqe3
26
vulnerability VCID-k8pk-h464-kuek
27
vulnerability VCID-nv7m-hsr3-17gk
28
vulnerability VCID-pgj4-u64z-17bt
29
vulnerability VCID-sc8u-4w9c-23ev
30
vulnerability VCID-t864-v2g6-jbhk
31
vulnerability VCID-tt47-6swy-n3cw
32
vulnerability VCID-u4hp-dwsj-53b9
33
vulnerability VCID-ubyg-pbmy-ekds
34
vulnerability VCID-vuzz-by1n-aff9
35
vulnerability VCID-wv5n-ccn5-fqc2
36
vulnerability VCID-xaqm-x1w4-s3hn
37
vulnerability VCID-xbu8-2jvk-83gy
38
vulnerability VCID-xjrj-meu6-qkc8
39
vulnerability VCID-ytep-z8dn-vfh7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1
1
url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18kh-njx3-p7aw
1
vulnerability VCID-53f2-uzt4-pqgs
2
vulnerability VCID-8zqh-3xt2-nbdq
3
vulnerability VCID-bff2-nhum-ckhj
4
vulnerability VCID-dr1v-72p6-2yhn
5
vulnerability VCID-frdw-trch-uufq
6
vulnerability VCID-gapt-kwkw-kkek
7
vulnerability VCID-gj5s-dde8-1ubx
8
vulnerability VCID-nv7m-hsr3-17gk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1
purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18kh-njx3-p7aw
1
vulnerability VCID-21tq-54r3-cqec
2
vulnerability VCID-2jas-5kc1-puat
3
vulnerability VCID-35gu-ctk8-2yd2
4
vulnerability VCID-3azv-fsyx-n3fz
5
vulnerability VCID-3stx-z7ze-wbe8
6
vulnerability VCID-53f2-uzt4-pqgs
7
vulnerability VCID-547k-dyst-k3gx
8
vulnerability VCID-5t3t-6uqs-akbk
9
vulnerability VCID-75fb-vhhc-fbe8
10
vulnerability VCID-7ajm-my3d-7fgy
11
vulnerability VCID-8eb9-mxpg-5kf2
12
vulnerability VCID-8zqh-3xt2-nbdq
13
vulnerability VCID-ambh-afzs-2kg9
14
vulnerability VCID-beqm-vczf-dqgj
15
vulnerability VCID-bff2-nhum-ckhj
16
vulnerability VCID-buz8-zycr-tbh2
17
vulnerability VCID-dr1v-72p6-2yhn
18
vulnerability VCID-fefk-6mjh-67fm
19
vulnerability VCID-frdw-trch-uufq
20
vulnerability VCID-gapt-kwkw-kkek
21
vulnerability VCID-gj5s-dde8-1ubx
22
vulnerability VCID-h5fw-ktc6-rqd3
23
vulnerability VCID-hhsz-ba47-zka4
24
vulnerability VCID-jate-jey2-n3g1
25
vulnerability VCID-jkcz-zpks-ubgz
26
vulnerability VCID-jked-29nn-tqe3
27
vulnerability VCID-jx4z-thz3-rbdw
28
vulnerability VCID-jy3a-zvh4-b3ag
29
vulnerability VCID-kfz9-wq8k-nkb3
30
vulnerability VCID-m5us-tmqh-wkbm
31
vulnerability VCID-mpy5-d7qa-u7fz
32
vulnerability VCID-n38c-6usb-tkgq
33
vulnerability VCID-nv7m-hsr3-17gk
34
vulnerability VCID-pgj4-u64z-17bt
35
vulnerability VCID-pr1g-m4k2-1ue1
36
vulnerability VCID-sc8u-4w9c-23ev
37
vulnerability VCID-t864-v2g6-jbhk
38
vulnerability VCID-tbsd-gk6n-9ygc
39
vulnerability VCID-u4hp-dwsj-53b9
40
vulnerability VCID-ubyg-pbmy-ekds
41
vulnerability VCID-vuzz-by1n-aff9
42
vulnerability VCID-w384-t6ne-s3g7
43
vulnerability VCID-w4dd-77t2-wuc7
44
vulnerability VCID-wurt-zx5x-8kds
45
vulnerability VCID-wv5n-ccn5-fqc2
46
vulnerability VCID-xaqm-x1w4-s3hn
47
vulnerability VCID-xwr8-85au-ukd7
48
vulnerability VCID-ytep-z8dn-vfh7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1
3
url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18kh-njx3-p7aw
1
vulnerability VCID-21tq-54r3-cqec
2
vulnerability VCID-2jas-5kc1-puat
3
vulnerability VCID-35gu-ctk8-2yd2
4
vulnerability VCID-3azv-fsyx-n3fz
5
vulnerability VCID-3stx-z7ze-wbe8
6
vulnerability VCID-53f2-uzt4-pqgs
7
vulnerability VCID-547k-dyst-k3gx
8
vulnerability VCID-5t3t-6uqs-akbk
9
vulnerability VCID-75fb-vhhc-fbe8
10
vulnerability VCID-7ajm-my3d-7fgy
11
vulnerability VCID-8eb9-mxpg-5kf2
12
vulnerability VCID-8zqh-3xt2-nbdq
13
vulnerability VCID-ambh-afzs-2kg9
14
vulnerability VCID-beqm-vczf-dqgj
15
vulnerability VCID-bff2-nhum-ckhj
16
vulnerability VCID-buz8-zycr-tbh2
17
vulnerability VCID-dr1v-72p6-2yhn
18
vulnerability VCID-fefk-6mjh-67fm
19
vulnerability VCID-frdw-trch-uufq
20
vulnerability VCID-gapt-kwkw-kkek
21
vulnerability VCID-gj5s-dde8-1ubx
22
vulnerability VCID-h5fw-ktc6-rqd3
23
vulnerability VCID-hhsz-ba47-zka4
24
vulnerability VCID-jate-jey2-n3g1
25
vulnerability VCID-jkcz-zpks-ubgz
26
vulnerability VCID-jked-29nn-tqe3
27
vulnerability VCID-jx4z-thz3-rbdw
28
vulnerability VCID-jy3a-zvh4-b3ag
29
vulnerability VCID-kfz9-wq8k-nkb3
30
vulnerability VCID-m5us-tmqh-wkbm
31
vulnerability VCID-mpy5-d7qa-u7fz
32
vulnerability VCID-n38c-6usb-tkgq
33
vulnerability VCID-nv7m-hsr3-17gk
34
vulnerability VCID-pgj4-u64z-17bt
35
vulnerability VCID-pr1g-m4k2-1ue1
36
vulnerability VCID-sc8u-4w9c-23ev
37
vulnerability VCID-t864-v2g6-jbhk
38
vulnerability VCID-tbsd-gk6n-9ygc
39
vulnerability VCID-u4hp-dwsj-53b9
40
vulnerability VCID-ubyg-pbmy-ekds
41
vulnerability VCID-vuzz-by1n-aff9
42
vulnerability VCID-w384-t6ne-s3g7
43
vulnerability VCID-w4dd-77t2-wuc7
44
vulnerability VCID-wurt-zx5x-8kds
45
vulnerability VCID-wv5n-ccn5-fqc2
46
vulnerability VCID-xaqm-x1w4-s3hn
47
vulnerability VCID-xwr8-85au-ukd7
48
vulnerability VCID-ytep-z8dn-vfh7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27236
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13378
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27236
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27236
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117448
reference_id 1117448
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117448
4
reference_url https://support.zabbix.com/browse/ZBX-27060
reference_id ZBX-27060
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T13:52:30Z/
url https://support.zabbix.com/browse/ZBX-27060
Weaknesses
0
cwe_id 863
name Incorrect Authorization
description The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
Exploits
Severity_range_score2.1 - 3.5
Exploitability0.5
Weighted_severity0.0
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-nv7m-hsr3-17gk