Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-vgg2-vymx-b3fe
SummaryMultiple vulnerabilities have been discovered in Perl, the worst of which can lead to arbitrary code execution.
Aliases
0
alias CVE-2023-31486
Fixed_packages
0
url pkg:deb/debian/libhttp-tiny-perl@0.088-1?distro=trixie
purl pkg:deb/debian/libhttp-tiny-perl@0.088-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libhttp-tiny-perl@0.088-1%3Fdistro=trixie
1
url pkg:deb/debian/libhttp-tiny-perl@0.090-1
purl pkg:deb/debian/libhttp-tiny-perl@0.090-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-etjn-tm4a-cbb7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libhttp-tiny-perl@0.090-1
2
url pkg:deb/debian/libhttp-tiny-perl@0.090-1?distro=trixie
purl pkg:deb/debian/libhttp-tiny-perl@0.090-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-etjn-tm4a-cbb7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libhttp-tiny-perl@0.090-1%3Fdistro=trixie
3
url pkg:deb/debian/libhttp-tiny-perl@0.092-1?distro=trixie
purl pkg:deb/debian/libhttp-tiny-perl@0.092-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-etjn-tm4a-cbb7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libhttp-tiny-perl@0.092-1%3Fdistro=trixie
4
url pkg:deb/debian/libhttp-tiny-perl@0.092-2?distro=trixie
purl pkg:deb/debian/libhttp-tiny-perl@0.092-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libhttp-tiny-perl@0.092-2%3Fdistro=trixie
5
url pkg:deb/debian/perl@5.38.2-2?distro=trixie
purl pkg:deb/debian/perl@5.38.2-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.38.2-2%3Fdistro=trixie
6
url pkg:deb/debian/perl@5.40.1-6
purl pkg:deb/debian/perl@5.40.1-6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.40.1-6
7
url pkg:deb/debian/perl@5.40.1-6?distro=trixie
purl pkg:deb/debian/perl@5.40.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.40.1-6%3Fdistro=trixie
8
url pkg:deb/debian/perl@5.40.1-7?distro=trixie
purl pkg:deb/debian/perl@5.40.1-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.40.1-7%3Fdistro=trixie
9
url pkg:ebuild/dev-lang/perl@5.38.2
purl pkg:ebuild/dev-lang/perl@5.38.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/perl@5.38.2
Affected_packages
0
url pkg:deb/debian/libhttp-tiny-perl@0.082-2
purl pkg:deb/debian/libhttp-tiny-perl@0.082-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-etjn-tm4a-cbb7
1
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libhttp-tiny-perl@0.082-2
1
url pkg:deb/debian/libhttp-tiny-perl@0.082-2?distro=trixie
purl pkg:deb/debian/libhttp-tiny-perl@0.082-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-etjn-tm4a-cbb7
1
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libhttp-tiny-perl@0.082-2%3Fdistro=trixie
2
url pkg:deb/debian/perl@5.32.1-4%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/perl@5.32.1-4%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r3y5-1dk2-pyfc
1
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.32.1-4%252Bdeb11u3%3Fdistro=trixie
3
url pkg:deb/debian/perl@5.32.1-4%2Bdeb11u3
purl pkg:deb/debian/perl@5.32.1-4%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kcy1-7ny3-sufc
1
vulnerability VCID-r3y5-1dk2-pyfc
2
vulnerability VCID-vdc9-td4x-qkek
3
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.32.1-4%252Bdeb11u3
4
url pkg:deb/debian/perl@5.36.0-7%2Bdeb12u3
purl pkg:deb/debian/perl@5.36.0-7%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.36.0-7%252Bdeb12u3
5
url pkg:deb/debian/perl@5.36.0-7%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/perl@5.36.0-7%2Bdeb12u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.36.0-7%252Bdeb12u3%3Fdistro=trixie
6
url pkg:rpm/redhat/perl-HTTP-Tiny@0.074-1.el8_6?arch=1
purl pkg:rpm/redhat/perl-HTTP-Tiny@0.074-1.el8_6?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/perl-HTTP-Tiny@0.074-1.el8_6%3Farch=1
7
url pkg:rpm/redhat/perl-HTTP-Tiny@0.074-1.el8_8?arch=2
purl pkg:rpm/redhat/perl-HTTP-Tiny@0.074-1.el8_8?arch=2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/perl-HTTP-Tiny@0.074-1.el8_8%3Farch=2
8
url pkg:rpm/redhat/perl-HTTP-Tiny@0.074-2?arch=el8
purl pkg:rpm/redhat/perl-HTTP-Tiny@0.074-2?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/perl-HTTP-Tiny@0.074-2%3Farch=el8
9
url pkg:rpm/redhat/perl-HTTP-Tiny@0.076-461?arch=el9_2
purl pkg:rpm/redhat/perl-HTTP-Tiny@0.076-461?arch=el9_2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/perl-HTTP-Tiny@0.076-461%3Farch=el9_2
10
url pkg:rpm/redhat/perl-HTTP-Tiny@0.076-461?arch=el9
purl pkg:rpm/redhat/perl-HTTP-Tiny@0.076-461?arch=el9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/perl-HTTP-Tiny@0.076-461%3Farch=el9
11
url pkg:rpm/redhat/perl-main@1.03-524.1?arch=hum1
purl pkg:rpm/redhat/perl-main@1.03-524.1?arch=hum1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a1cw-hg74-v3c3
1
vulnerability VCID-efz8-y2qe-dkgj
2
vulnerability VCID-fcg3-35wj-1bbm
3
vulnerability VCID-kcy1-7ny3-sufc
4
vulnerability VCID-kw8t-k4h2-cbcd
5
vulnerability VCID-p9gy-p1x1-ayfw
6
vulnerability VCID-tkh2-ctmb-q7fm
7
vulnerability VCID-vbkg-c84e-g3dx
8
vulnerability VCID-vgg2-vymx-b3fe
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/perl-main@1.03-524.1%3Farch=hum1
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31486.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31486.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-31486
reference_id
reference_type
scores
0
value 0.00598
scoring_system epss
scoring_elements 0.69337
published_at 2026-04-02T12:55:00Z
1
value 0.00598
scoring_system epss
scoring_elements 0.69354
published_at 2026-04-04T12:55:00Z
2
value 0.00598
scoring_system epss
scoring_elements 0.69425
published_at 2026-04-21T12:55:00Z
3
value 0.00598
scoring_system epss
scoring_elements 0.69443
published_at 2026-04-18T12:55:00Z
4
value 0.00598
scoring_system epss
scoring_elements 0.69433
published_at 2026-04-16T12:55:00Z
5
value 0.00598
scoring_system epss
scoring_elements 0.69394
published_at 2026-04-13T12:55:00Z
6
value 0.00598
scoring_system epss
scoring_elements 0.69408
published_at 2026-04-12T12:55:00Z
7
value 0.00598
scoring_system epss
scoring_elements 0.69423
published_at 2026-04-11T12:55:00Z
8
value 0.00598
scoring_system epss
scoring_elements 0.69401
published_at 2026-04-09T12:55:00Z
9
value 0.00598
scoring_system epss
scoring_elements 0.69384
published_at 2026-04-08T12:55:00Z
10
value 0.00598
scoring_system epss
scoring_elements 0.69334
published_at 2026-04-07T12:55:00Z
11
value 0.00598
scoring_system epss
scoring_elements 0.69489
published_at 2026-04-29T12:55:00Z
12
value 0.00598
scoring_system epss
scoring_elements 0.69484
published_at 2026-04-26T12:55:00Z
13
value 0.00598
scoring_system epss
scoring_elements 0.69477
published_at 2026-04-24T12:55:00Z
14
value 0.00661
scoring_system epss
scoring_elements 0.71215
published_at 2026-05-05T12:55:00Z
15
value 0.00661
scoring_system epss
scoring_elements 0.71333
published_at 2026-05-14T12:55:00Z
16
value 0.00661
scoring_system epss
scoring_elements 0.71277
published_at 2026-05-12T12:55:00Z
17
value 0.00661
scoring_system epss
scoring_elements 0.7125
published_at 2026-05-11T12:55:00Z
18
value 0.00661
scoring_system epss
scoring_elements 0.71287
published_at 2026-05-09T12:55:00Z
19
value 0.00661
scoring_system epss
scoring_elements 0.71253
published_at 2026-05-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-31486
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31486
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31486
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.openwall.com/lists/oss-security/2023/04/29/1
reference_id 1
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-30T19:18:03Z/
url http://www.openwall.com/lists/oss-security/2023/04/29/1
5
reference_url https://www.openwall.com/lists/oss-security/2023/04/18/14
reference_id 14
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-30T19:18:03Z/
url https://www.openwall.com/lists/oss-security/2023/04/18/14
6
reference_url https://github.com/chansen/p5-http-tiny/pull/153
reference_id 153
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-30T19:18:03Z/
url https://github.com/chansen/p5-http-tiny/pull/153
7
reference_url http://www.openwall.com/lists/oss-security/2023/05/07/2
reference_id 2
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-30T19:18:03Z/
url http://www.openwall.com/lists/oss-security/2023/05/07/2
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2228392
reference_id 2228392
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2228392
9
reference_url http://www.openwall.com/lists/oss-security/2023/05/03/3
reference_id 3
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-30T19:18:03Z/
url http://www.openwall.com/lists/oss-security/2023/05/03/3
10
reference_url https://www.openwall.com/lists/oss-security/2023/05/03/4
reference_id 4
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-30T19:18:03Z/
url https://www.openwall.com/lists/oss-security/2023/05/03/4
11
reference_url http://www.openwall.com/lists/oss-security/2023/05/03/5
reference_id 5
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-30T19:18:03Z/
url http://www.openwall.com/lists/oss-security/2023/05/03/5
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954089
reference_id 954089
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954089
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962407
reference_id 962407
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962407
14
reference_url https://hackeriet.github.io/cpan-http-tiny-overview/
reference_id cpan-http-tiny-overview
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-30T19:18:03Z/
url https://hackeriet.github.io/cpan-http-tiny-overview/
15
reference_url https://security.gentoo.org/glsa/202411-09
reference_id GLSA-202411-09
reference_type
scores
url https://security.gentoo.org/glsa/202411-09
16
reference_url https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/
reference_id perl-http-tiny-insecure-tls-default-affects-cpan-modules
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-30T19:18:03Z/
url https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/
17
reference_url https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/
reference_id psa_httptiny_disabled_ssl_verification_by_default
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-30T19:18:03Z/
url https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/
18
reference_url https://access.redhat.com/errata/RHSA-2023:6542
reference_id RHSA-2023:6542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6542
19
reference_url https://access.redhat.com/errata/RHSA-2023:7174
reference_id RHSA-2023:7174
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7174
20
reference_url https://access.redhat.com/errata/RHSA-2024:0422
reference_id RHSA-2024:0422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0422
21
reference_url https://access.redhat.com/errata/RHSA-2024:0579
reference_id RHSA-2024:0579
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0579
22
reference_url https://access.redhat.com/errata/RHSA-2024:4430
reference_id RHSA-2024:4430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4430
23
reference_url https://access.redhat.com/errata/RHSA-2026:7604
reference_id RHSA-2026:7604
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7604
Weaknesses
0
cwe_id 1188
name Initialization of a Resource with an Insecure Default
description The product initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.
Exploits
Severity_range_score7.4 - 8.1
Exploitability0.5
Weighted_severity7.3
Risk_score3.6
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-vgg2-vymx-b3fe