Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ytmc-t4we-y7gr
Summary389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service.
Aliases
0
alias CVE-2017-2591
Fixed_packages
0
url pkg:deb/debian/389-ds-base@1.3.5.15-2?distro=trixie
purl pkg:deb/debian/389-ds-base@1.3.5.15-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.15-2%3Fdistro=trixie
1
url pkg:deb/debian/389-ds-base@1.3.5.17-2
purl pkg:deb/debian/389-ds-base@1.3.5.17-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ncv-1mvn-3ua2
1
vulnerability VCID-3182-86wa-ffgn
2
vulnerability VCID-4gwa-5ha9-2yep
3
vulnerability VCID-6668-ae1t-43bn
4
vulnerability VCID-7k3x-hspm-2bh1
5
vulnerability VCID-8d2y-q7qm-ukba
6
vulnerability VCID-f4xw-eaee-tbaf
7
vulnerability VCID-fe6s-f2sw-tbdb
8
vulnerability VCID-kgfj-ur5s-97hd
9
vulnerability VCID-kyw9-xd61-effu
10
vulnerability VCID-pqup-v2we-kqat
11
vulnerability VCID-sfpm-3ead-t7ds
12
vulnerability VCID-svne-c12c-hucb
13
vulnerability VCID-sz1r-ts2d-uqam
14
vulnerability VCID-ta8n-wu4n-qqfq
15
vulnerability VCID-tjhk-xzr6-p7dx
16
vulnerability VCID-twz6-mtum-qbck
17
vulnerability VCID-uz8q-6ydj-x3cu
18
vulnerability VCID-v1ut-bxzt-kqet
19
vulnerability VCID-v94q-q9gt-zkcq
20
vulnerability VCID-wvqp-u8kz-8bd4
21
vulnerability VCID-xryf-2vae-j7gk
22
vulnerability VCID-xv3p-gza9-4bcg
23
vulnerability VCID-znf9-cydr-nqbm
24
vulnerability VCID-zrba-h7st-jbgz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.17-2
2
url pkg:deb/debian/389-ds-base@1.4.4.11-2?distro=trixie
purl pkg:deb/debian/389-ds-base@1.4.4.11-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5mdk-bqm7-mkeu
1
vulnerability VCID-7dna-4mcn-jqd5
2
vulnerability VCID-ft29-jr9j-jbbm
3
vulnerability VCID-k27f-tsq5-73fn
4
vulnerability VCID-ud9m-jz3k-bfhm
5
vulnerability VCID-vadc-mdbp-q3g9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2%3Fdistro=trixie
3
url pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5mdk-bqm7-mkeu
1
vulnerability VCID-7dna-4mcn-jqd5
2
vulnerability VCID-ft29-jr9j-jbbm
3
vulnerability VCID-k27f-tsq5-73fn
4
vulnerability VCID-ud9m-jz3k-bfhm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bdfsg1-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-2?distro=trixie
purl pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bvendor1-2%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/389-ds-base@1.3.3.5-4
purl pkg:deb/debian/389-ds-base@1.3.3.5-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ncv-1mvn-3ua2
1
vulnerability VCID-3182-86wa-ffgn
2
vulnerability VCID-4gwa-5ha9-2yep
3
vulnerability VCID-6668-ae1t-43bn
4
vulnerability VCID-7k3x-hspm-2bh1
5
vulnerability VCID-8d2y-q7qm-ukba
6
vulnerability VCID-92hm-bx5r-2kb5
7
vulnerability VCID-cuaw-efm3-5kb6
8
vulnerability VCID-f4xw-eaee-tbaf
9
vulnerability VCID-fe6s-f2sw-tbdb
10
vulnerability VCID-kgfj-ur5s-97hd
11
vulnerability VCID-kyw9-xd61-effu
12
vulnerability VCID-m9ab-q9cx-suhk
13
vulnerability VCID-pqup-v2we-kqat
14
vulnerability VCID-qybp-25x7-6fak
15
vulnerability VCID-sfpm-3ead-t7ds
16
vulnerability VCID-svne-c12c-hucb
17
vulnerability VCID-sz1r-ts2d-uqam
18
vulnerability VCID-ta8n-wu4n-qqfq
19
vulnerability VCID-tjhk-xzr6-p7dx
20
vulnerability VCID-twz6-mtum-qbck
21
vulnerability VCID-u5q1-nkup-f7ga
22
vulnerability VCID-uz8q-6ydj-x3cu
23
vulnerability VCID-v1ut-bxzt-kqet
24
vulnerability VCID-v94q-q9gt-zkcq
25
vulnerability VCID-wvqp-u8kz-8bd4
26
vulnerability VCID-xryf-2vae-j7gk
27
vulnerability VCID-xv3p-gza9-4bcg
28
vulnerability VCID-yrgr-fu6h-ykh9
29
vulnerability VCID-ytmc-t4we-y7gr
30
vulnerability VCID-znf9-cydr-nqbm
31
vulnerability VCID-zrba-h7st-jbgz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.3.5-4
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2591.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2591.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2591
reference_id
reference_type
scores
0
value 0.02774
scoring_system epss
scoring_elements 0.86321
published_at 2026-06-04T12:55:00Z
1
value 0.02774
scoring_system epss
scoring_elements 0.86343
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2591
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2591
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2591
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1381481
reference_id 1381481
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1381481
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851769
reference_id 851769
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851769
Weaknesses
0
cwe_id 122
name Heap-based Buffer Overflow
description A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Exploits
Severity_range_score2.6 - 3.7
Exploitability0.5
Weighted_severity3.3
Risk_score1.6
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ytmc-t4we-y7gr