Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-q3c4-ra65-dbcv

Summary

Aliases

alias	CVE-2017-14992

alias	GHSA-hqwh-8xv9-42hw

Fixed_packages

url	pkg:deb/debian/docker.io@18.03.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/docker.io@18.03.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@18.03.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/docker.io@20.10.5%2Bdfsg1-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/docker.io@20.10.5%2Bdfsg1-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-67mg-1q8a-rbcq

vulnerability	VCID-7ugc-yqjg-kue6

vulnerability	VCID-858t-sgz7-j3ey

vulnerability	VCID-bmuh-qc4u-mffu

vulnerability	VCID-cbyh-2554-gqce

vulnerability	VCID-fzbm-j2tx-fqac

vulnerability	VCID-nvya-ncuk-w7de

vulnerability	VCID-pwvp-y9g3-6bd2

vulnerability	VCID-s3rd-3y77-z3f8

vulnerability	VCID-w2sn-zam3-s3fv

vulnerability	VCID-zq4c-xjcf-pqgb

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.5%252Bdfsg1-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7ugc-yqjg-kue6

vulnerability	VCID-858t-sgz7-j3ey

vulnerability	VCID-bmuh-qc4u-mffu

vulnerability	VCID-fzbm-j2tx-fqac

vulnerability	VCID-nvya-ncuk-w7de

vulnerability	VCID-pwvp-y9g3-6bd2

vulnerability	VCID-s3rd-3y77-z3f8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.24%252Bdfsg1-1%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/docker.io@26.1.5%2Bdfsg1-9?distro=trixie

purl pkg:deb/debian/docker.io@26.1.5%2Bdfsg1-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nvya-ncuk-w7de

vulnerability	VCID-pwvp-y9g3-6bd2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@26.1.5%252Bdfsg1-9%3Fdistro=trixie

url	pkg:deb/debian/docker.io@28.5.2%2Bdfsg4-2?distro=trixie
purl	pkg:deb/debian/docker.io@28.5.2%2Bdfsg4-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@28.5.2%252Bdfsg4-2%3Fdistro=trixie

url	pkg:deb/debian/golang-github-vbatts-tar-split@0.10.2-1?distro=trixie
purl	pkg:deb/debian/golang-github-vbatts-tar-split@0.10.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-vbatts-tar-split@0.10.2-1%3Fdistro=trixie

url	pkg:deb/debian/golang-github-vbatts-tar-split@0.11.1-2?distro=trixie
purl	pkg:deb/debian/golang-github-vbatts-tar-split@0.11.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-vbatts-tar-split@0.11.1-2%3Fdistro=trixie

url	pkg:deb/debian/golang-github-vbatts-tar-split@0.11.2%2Bds1-1?distro=trixie
purl	pkg:deb/debian/golang-github-vbatts-tar-split@0.11.2%2Bds1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-vbatts-tar-split@0.11.2%252Bds1-1%3Fdistro=trixie

url	pkg:deb/debian/golang-github-vbatts-tar-split@0.11.6-1?distro=trixie
purl	pkg:deb/debian/golang-github-vbatts-tar-split@0.11.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-vbatts-tar-split@0.11.6-1%3Fdistro=trixie

url	pkg:golang/github.com/vbatts/tar-split@0.10.2
purl	pkg:golang/github.com/vbatts/tar-split@0.10.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:golang/github.com/vbatts/tar-split@0.10.2

Affected_packages

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14992.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14992.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14992

reference_id

reference_type

scores

value	0.0042
scoring_system	epss
scoring_elements	0.62361
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14992

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:C

value	6.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/moby/moby/issues/35075

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/moby/moby/issues/35075

reference_url

https://github.com/vbatts/tar-split

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/vbatts/tar-split

reference_url

https://github.com/vbatts/tar-split/pull/42

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/vbatts/tar-split/pull/42

reference_url

https://github.com/vbatts/tar-split/releases/tag/v0.10.2

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/vbatts/tar-split/releases/tag/v0.10.2

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14992

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14992

reference_url

https://web.archive.org/web/20171119174639/https://blog.cloudpassage.com/2017/10/13/discovering-docker-cve-2017-14992

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20171119174639/https://blog.cloudpassage.com/2017/10/13/discovering-docker-cve-2017-14992

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1510348
reference_id	1510348
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1510348

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908055
reference_id	908055
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908055

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908056
reference_id	908056
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908056

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

cwe_id	770
name	Allocation of Resources Without Limits or Throttling
description	The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

Exploits

Severity_range_score 4.0 - 7.5

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q3c4-ra65-dbcv

Vulnerability Instance