Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-dd4f-ze16-nudp
Summary
Improper Restriction of Operations within the Bounds of a Memory Buffer
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0191 and CVE-2016-0193.
Aliases
0
alias CVE-2016-0186
1
alias GHSA-fjj8-gv4j-953p
Fixed_packages
0
url pkg:nuget/Microsoft.ChakraCore@1.2.0
purl pkg:nuget/Microsoft.ChakraCore@1.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18bt-p9bu-7kcg
1
vulnerability VCID-18cy-ef2d-sfgs
2
vulnerability VCID-193r-rk9b-73a7
3
vulnerability VCID-19s3-6hk5-zydp
4
vulnerability VCID-1d4d-6ycn-kfbg
5
vulnerability VCID-1fvy-afaq-7ffz
6
vulnerability VCID-1hm4-8j3z-gbe8
7
vulnerability VCID-1mqn-qxsq-gfb5
8
vulnerability VCID-1txb-sjay-ukfb
9
vulnerability VCID-1xh6-cjvx-4bej
10
vulnerability VCID-1xjh-99vu-vyf6
11
vulnerability VCID-27q5-85wq-ayhx
12
vulnerability VCID-2jw8-vq79-3yc4
13
vulnerability VCID-2ry8-tv1k-pyb3
14
vulnerability VCID-2x6n-tg25-wkc4
15
vulnerability VCID-3r3s-nrc8-sbe6
16
vulnerability VCID-431z-8875-d7fr
17
vulnerability VCID-46f5-3qcs-ckcw
18
vulnerability VCID-4jw5-n3pz-zuhf
19
vulnerability VCID-4kr2-wf77-nug4
20
vulnerability VCID-4n9b-ptn2-3ugd
21
vulnerability VCID-4rr8-ter6-7yaw
22
vulnerability VCID-523x-9n5w-rqc2
23
vulnerability VCID-532u-w1p6-rycx
24
vulnerability VCID-54xz-xw4u-xqh9
25
vulnerability VCID-558y-9j3b-fyd3
26
vulnerability VCID-5s8e-w8mp-xydh
27
vulnerability VCID-63zg-je8v-2yh6
28
vulnerability VCID-66rk-gaz2-x7et
29
vulnerability VCID-6yew-52pk-nfe9
30
vulnerability VCID-6zfw-kag6-sfhq
31
vulnerability VCID-7sqx-g2jn-9yds
32
vulnerability VCID-7trr-1jwb-zufw
33
vulnerability VCID-7z5t-cth2-ybe1
34
vulnerability VCID-8jd7-9g2p-xqec
35
vulnerability VCID-8jqz-9eaj-mfaj
36
vulnerability VCID-8swk-fket-wkes
37
vulnerability VCID-99dg-rm43-9qef
38
vulnerability VCID-9u2d-1vj5-sfbf
39
vulnerability VCID-9v8t-kbf9-yye5
40
vulnerability VCID-ahe3-4w9p-xfba
41
vulnerability VCID-b6wu-ubuv-jqeg
42
vulnerability VCID-bmba-t3ga-fuh6
43
vulnerability VCID-brne-zr1j-zqdz
44
vulnerability VCID-btua-a1pr-mbbe
45
vulnerability VCID-busw-m81p-67ch
46
vulnerability VCID-cmad-nxc3-3ugn
47
vulnerability VCID-dc3y-6mb9-6fe1
48
vulnerability VCID-dcer-1uh1-a7h9
49
vulnerability VCID-e1b9-bq4b-9fh7
50
vulnerability VCID-eygy-bzey-7yaq
51
vulnerability VCID-f8m6-a9a9-juhw
52
vulnerability VCID-fedc-anrx-ufg2
53
vulnerability VCID-fj84-9g1p-vfa5
54
vulnerability VCID-fxfn-jq82-n3fy
55
vulnerability VCID-fzjt-qse7-kbd5
56
vulnerability VCID-ggf4-u8qd-eff7
57
vulnerability VCID-gvr1-zbs9-sffy
58
vulnerability VCID-gyyj-1jxm-vfbu
59
vulnerability VCID-hagb-nxwq-tbg3
60
vulnerability VCID-hbcj-83rp-jbd4
61
vulnerability VCID-hcfa-1wq4-wyga
62
vulnerability VCID-hdpy-kfn8-sbba
63
vulnerability VCID-je2z-mcvk-gqhp
64
vulnerability VCID-jerx-5eyv-ebeq
65
vulnerability VCID-jmx4-vvk4-ykdk
66
vulnerability VCID-kbee-zr5j-hkat
67
vulnerability VCID-keaw-uz84-9qer
68
vulnerability VCID-kua2-9yb8-gkgq
69
vulnerability VCID-mczu-b3e6-5bgb
70
vulnerability VCID-me7g-49jk-63c2
71
vulnerability VCID-mksq-kg9m-uqdz
72
vulnerability VCID-mm2r-t2rz-7ygp
73
vulnerability VCID-mmba-qzvj-37df
74
vulnerability VCID-mnd4-84rp-mbb4
75
vulnerability VCID-mpe4-db65-4qab
76
vulnerability VCID-mqsb-hzpy-5ygv
77
vulnerability VCID-ncbk-mcwh-3fa3
78
vulnerability VCID-nd4s-mcgx-s3bs
79
vulnerability VCID-nh3m-s7fe-bqek
80
vulnerability VCID-njsb-3b47-77hk
81
vulnerability VCID-nn2u-snsx-83hq
82
vulnerability VCID-nypa-dv6a-aydu
83
vulnerability VCID-nyyv-c55j-pyea
84
vulnerability VCID-pusx-pa1h-yyfu
85
vulnerability VCID-pxev-85t8-fug6
86
vulnerability VCID-pyt1-g2tu-eqb4
87
vulnerability VCID-qgsm-c5dq-bfb8
88
vulnerability VCID-qndq-e3vk-ybeu
89
vulnerability VCID-qwbu-jvxv-bbej
90
vulnerability VCID-qxax-card-uyfy
91
vulnerability VCID-r16a-n5nn-nybp
92
vulnerability VCID-rffd-vnyj-puc3
93
vulnerability VCID-rkns-keya-cyfj
94
vulnerability VCID-rnva-ys32-7kbu
95
vulnerability VCID-rxgn-xep7-fya7
96
vulnerability VCID-ry6a-46j6-ybgk
97
vulnerability VCID-saxs-fd9n-cyem
98
vulnerability VCID-shdw-sqhu-v3aa
99
vulnerability VCID-sqfw-zhmk-mkbe
100
vulnerability VCID-st54-u8tz-33gs
101
vulnerability VCID-t8bg-6rsw-ebf8
102
vulnerability VCID-tnh1-zjdq-6qhd
103
vulnerability VCID-tnhg-2f5h-cfaa
104
vulnerability VCID-tpdy-ttbh-5kh6
105
vulnerability VCID-udcs-da57-q7hs
106
vulnerability VCID-uwda-x8ud-b7ht
107
vulnerability VCID-v4er-vyja-qffa
108
vulnerability VCID-v7k3-6juv-47gr
109
vulnerability VCID-vk99-umu1-2bag
110
vulnerability VCID-vser-kewx-akh4
111
vulnerability VCID-vx2e-zgfx-dkau
112
vulnerability VCID-vxjj-cqyk-w3hd
113
vulnerability VCID-w2kf-rnn3-huc8
114
vulnerability VCID-wevg-rszb-9ufb
115
vulnerability VCID-wjjc-1wyd-87fp
116
vulnerability VCID-x6wa-636e-zugv
117
vulnerability VCID-xcd3-cznv-xuc8
118
vulnerability VCID-xk96-csb5-syac
119
vulnerability VCID-xkm6-uy8d-x3cq
120
vulnerability VCID-y3z3-emkf-bug3
121
vulnerability VCID-yabf-1cc1-v7dk
122
vulnerability VCID-yc6q-h53h-9khy
123
vulnerability VCID-z2u9-jd5w-rkb5
124
vulnerability VCID-z6hg-axpc-1qht
125
vulnerability VCID-z6nc-29bh-77h9
126
vulnerability VCID-z8aj-6xyd-fkfq
127
vulnerability VCID-zptc-hpne-x7at
128
vulnerability VCID-zqb9-5v29-xbc6
129
vulnerability VCID-ztbp-3phk-zkeg
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0186
reference_id
reference_type
scores
0
value 0.21761
scoring_system epss
scoring_elements 0.95843
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0186
1
reference_url https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-052
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-052
2
reference_url https://github.com/chakra-core/ChakraCore
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/chakra-core/ChakraCore
3
reference_url https://github.com/chakra-core/ChakraCore/commit/d21529b131d831fc4470139bfc90d80ae7481fa2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/chakra-core/ChakraCore/commit/d21529b131d831fc4470139bfc90d80ae7481fa2
4
reference_url https://web.archive.org/web/20201024061334/http://www.securitytracker.com/id/1035821
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201024061334/http://www.securitytracker.com/id/1035821
5
reference_url https://web.archive.org/web/20210123133438/http://www.securityfocus.com/bid/90008
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123133438/http://www.securityfocus.com/bid/90008
6
reference_url http://www.zerodayinitiative.com/advisories/ZDI-16-338
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.zerodayinitiative.com/advisories/ZDI-16-338
7
reference_url http://www.zerodayinitiative.com/advisories/ZDI-16-355
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.zerodayinitiative.com/advisories/ZDI-16-355
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0186
reference_id CVE-2016-0186
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0186
9
reference_url https://github.com/advisories/GHSA-fjj8-gv4j-953p
reference_id GHSA-fjj8-gv4j-953p
reference_type
scores
url https://github.com/advisories/GHSA-fjj8-gv4j-953p
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 119
name Improper Restriction of Operations within the Bounds of a Memory Buffer
description The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
2
cwe_id 78
name Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
description The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
3
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-dd4f-ze16-nudp