Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ab8v-3vdh-a7gy
SummaryA flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.
Aliases
0
alias CVE-2021-3502
Fixed_packages
0
url pkg:alpm/archlinux/avahi@0.8%2B22%2Bgfd482a7-1
purl pkg:alpm/archlinux/avahi@0.8%2B22%2Bgfd482a7-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/avahi@0.8%252B22%252Bgfd482a7-1
1
url pkg:deb/debian/avahi@0.8-5%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/avahi@0.8-5%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/avahi@0.8-5%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/avahi@0.8-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/avahi@0.8-5%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-be9g-jekm-hqe7
1
vulnerability VCID-ehnk-9bpb-a3bn
2
vulnerability VCID-v97n-z9h3-xyfs
3
vulnerability VCID-wztc-a3ye-cbfe
4
vulnerability VCID-xc4g-yv34-8fbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/avahi@0.8-5%252Bdeb11u2%3Fdistro=trixie
3
url pkg:deb/debian/avahi@0.8-6?distro=trixie
purl pkg:deb/debian/avahi@0.8-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/avahi@0.8-6%3Fdistro=trixie
4
url pkg:deb/debian/avahi@0.8-10%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/avahi@0.8-10%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-be9g-jekm-hqe7
1
vulnerability VCID-ehnk-9bpb-a3bn
2
vulnerability VCID-v97n-z9h3-xyfs
3
vulnerability VCID-wztc-a3ye-cbfe
4
vulnerability VCID-xc4g-yv34-8fbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/avahi@0.8-10%252Bdeb12u1%3Fdistro=trixie
5
url pkg:deb/debian/avahi@0.8-16?distro=trixie
purl pkg:deb/debian/avahi@0.8-16?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-be9g-jekm-hqe7
1
vulnerability VCID-ehnk-9bpb-a3bn
2
vulnerability VCID-v97n-z9h3-xyfs
3
vulnerability VCID-wztc-a3ye-cbfe
4
vulnerability VCID-xc4g-yv34-8fbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/avahi@0.8-16%3Fdistro=trixie
6
url pkg:deb/debian/avahi@0.8-18?distro=trixie
purl pkg:deb/debian/avahi@0.8-18?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/avahi@0.8-18%3Fdistro=trixie
Affected_packages
0
url pkg:alpm/archlinux/avahi@0.8%2B20%2Bgd1e71b3-1
purl pkg:alpm/archlinux/avahi@0.8%2B20%2Bgd1e71b3-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ab8v-3vdh-a7gy
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/avahi@0.8%252B20%252Bgd1e71b3-1
1
url pkg:rpm/redhat/avahi@0.8-15?arch=el9
purl pkg:rpm/redhat/avahi@0.8-15?arch=el9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ab8v-3vdh-a7gy
1
vulnerability VCID-nac4-671z-pygr
2
vulnerability VCID-w3pq-ah78-3qec
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/avahi@0.8-15%3Farch=el9
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3502.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3502.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3502
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09631
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3502
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1946914
reference_id 1946914
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1946914
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986018
reference_id 986018
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986018
4
reference_url https://security.archlinux.org/AVG-2341
reference_id AVG-2341
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2341
5
reference_url https://access.redhat.com/errata/RHSA-2023:6707
reference_id RHSA-2023:6707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6707
Weaknesses
0
cwe_id 617
name Reachable Assertion
description The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
1
cwe_id 476
name NULL Pointer Dereference
description A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Exploits
Severity_range_score0.1 - 5.5
Exploitability0.5
Weighted_severity5.0
Risk_score2.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ab8v-3vdh-a7gy