Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-4rax-tybh-tye2

Summary

Aliases

alias	CVE-2026-6042

Fixed_packages

url	pkg:apk/alpine/musl@1.2.5-r2?arch=aarch64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/musl@1.2.5-r2?arch=aarch64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.5-r2%3Farch=aarch64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/musl@1.2.5-r2?arch=armhf&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/musl@1.2.5-r2?arch=armhf&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.5-r2%3Farch=armhf&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/musl@1.2.5-r2?arch=armv7&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/musl@1.2.5-r2?arch=armv7&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.5-r2%3Farch=armv7&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/musl@1.2.5-r2?arch=ppc64le&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/musl@1.2.5-r2?arch=ppc64le&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.5-r2%3Farch=ppc64le&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/musl@1.2.5-r2?arch=riscv64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/musl@1.2.5-r2?arch=riscv64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.5-r2%3Farch=riscv64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/musl@1.2.5-r2?arch=s390x&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/musl@1.2.5-r2?arch=s390x&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.5-r2%3Farch=s390x&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/musl@1.2.5-r2?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/musl@1.2.5-r2?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.5-r2%3Farch=x86_64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/musl@1.2.5-r2?arch=x86&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/musl@1.2.5-r2?arch=x86&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.5-r2%3Farch=x86&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/musl@1.2.6-r1?arch=aarch64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/musl@1.2.6-r1?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.6-r1%3Farch=aarch64&distroversion=edge&reponame=main

url	pkg:apk/alpine/musl@1.2.6-r1?arch=armhf&distroversion=edge&reponame=main
purl	pkg:apk/alpine/musl@1.2.6-r1?arch=armhf&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.6-r1%3Farch=armhf&distroversion=edge&reponame=main

url	pkg:apk/alpine/musl@1.2.6-r1?arch=armv7&distroversion=edge&reponame=main
purl	pkg:apk/alpine/musl@1.2.6-r1?arch=armv7&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.6-r1%3Farch=armv7&distroversion=edge&reponame=main

url	pkg:apk/alpine/musl@1.2.6-r1?arch=loongarch64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/musl@1.2.6-r1?arch=loongarch64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.6-r1%3Farch=loongarch64&distroversion=edge&reponame=main

url	pkg:apk/alpine/musl@1.2.6-r1?arch=ppc64le&distroversion=edge&reponame=main
purl	pkg:apk/alpine/musl@1.2.6-r1?arch=ppc64le&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.6-r1%3Farch=ppc64le&distroversion=edge&reponame=main

url	pkg:apk/alpine/musl@1.2.6-r1?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/musl@1.2.6-r1?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.6-r1%3Farch=riscv64&distroversion=edge&reponame=main

url	pkg:apk/alpine/musl@1.2.6-r1?arch=s390x&distroversion=edge&reponame=main
purl	pkg:apk/alpine/musl@1.2.6-r1?arch=s390x&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.6-r1%3Farch=s390x&distroversion=edge&reponame=main

url	pkg:apk/alpine/musl@1.2.6-r1?arch=x86_64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/musl@1.2.6-r1?arch=x86_64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.6-r1%3Farch=x86_64&distroversion=edge&reponame=main

url	pkg:apk/alpine/musl@1.2.6-r1?arch=x86&distroversion=edge&reponame=main
purl	pkg:apk/alpine/musl@1.2.6-r1?arch=x86&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/musl@1.2.6-r1%3Farch=x86&distroversion=edge&reponame=main

url	pkg:deb/debian/musl@1.2.5-3
purl	pkg:deb/debian/musl@1.2.5-3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/musl@1.2.5-3

url	pkg:deb/debian/musl@1.2.5-3.1~deb13u1?distro=trixie
purl	pkg:deb/debian/musl@1.2.5-3.1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/musl@1.2.5-3.1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/musl@1.2.5-3.1?distro=trixie
purl	pkg:deb/debian/musl@1.2.5-3.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/musl@1.2.5-3.1%3Fdistro=trixie

url	pkg:deb/debian/musl@1.2.6-1?distro=trixie
purl	pkg:deb/debian/musl@1.2.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/musl@1.2.6-1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/musl@1.2.2-1

purl pkg:deb/debian/musl@1.2.2-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rax-tybh-tye2

vulnerability	VCID-4vec-bd6s-sbg1

vulnerability	VCID-c6wy-mrvt-nqgw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/musl@1.2.2-1

url pkg:deb/debian/musl@1.2.3-1

purl pkg:deb/debian/musl@1.2.3-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rax-tybh-tye2

vulnerability	VCID-4vec-bd6s-sbg1

vulnerability	VCID-c6wy-mrvt-nqgw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/musl@1.2.3-1

url pkg:deb/debian/musl@1.2.2-1?distro=trixie

purl pkg:deb/debian/musl@1.2.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rax-tybh-tye2

vulnerability	VCID-4vec-bd6s-sbg1

vulnerability	VCID-c6wy-mrvt-nqgw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/musl@1.2.2-1%3Fdistro=trixie

url pkg:deb/debian/musl@1.2.3-1?distro=trixie

purl pkg:deb/debian/musl@1.2.3-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rax-tybh-tye2

vulnerability	VCID-4vec-bd6s-sbg1

vulnerability	VCID-c6wy-mrvt-nqgw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/musl@1.2.3-1%3Fdistro=trixie

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6042.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6042.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6042

reference_id

reference_type

scores

value	7e-05
scoring_system	epss
scoring_elements	0.00498
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6042

reference_url

https://www.openwall.com/lists/oss-security/2026/04/02/10

reference_id

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P/E:ND/RL:OF/RC:C

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T15:44:05Z/

url

https://www.openwall.com/lists/oss-security/2026/04/02/10

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133372
reference_id	1133372
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133372

reference_url

https://www.openwall.com/lists/oss-security/2026/04/03/2

reference_id

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P/E:ND/RL:OF/RC:C

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T15:44:05Z/

url

https://www.openwall.com/lists/oss-security/2026/04/03/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2457266
reference_id	2457266
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2457266

reference_url

https://vuldb.com/vuln/356620

reference_id

356620

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P/E:ND/RL:OF/RC:C

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T15:44:05Z/

url

https://vuldb.com/vuln/356620

reference_url

https://vuldb.com/submit/796352

reference_id

796352

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P/E:ND/RL:OF/RC:C

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T15:44:05Z/

url

https://vuldb.com/submit/796352

reference_url

https://vuldb.com/vuln/356620/cti

reference_id

cti

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P/E:ND/RL:OF/RC:C

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T15:44:05Z/

url

https://vuldb.com/vuln/356620/cti

Weaknesses

cwe_id	1050
name	Excessive Platform Resource Consumption within a Loop
description	The product has a loop body or loop condition that contains a control element that directly or indirectly consumes platform resources, e.g. messaging, sessions, locks, or file descriptors.

cwe_id	404
name	Improper Resource Shutdown or Release
description	The product does not release or incorrectly releases a resource before it is made available for re-use.

cwe_id	407
name	Inefficient Algorithmic Complexity
description	An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

Exploits

Severity_range_score 1.7 - 5.5

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4rax-tybh-tye2

Vulnerability Instance