Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-3fzh-q1an-1yev
Summarymultiple issues
Aliases
0
alias CVE-2019-0117
Fixed_packages
0
url pkg:alpm/archlinux/intel-ucode@20191112-1
purl pkg:alpm/archlinux/intel-ucode@20191112-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/intel-ucode@20191112-1
Affected_packages
0
url pkg:alpm/archlinux/intel-ucode@20190918-1
purl pkg:alpm/archlinux/intel-ucode@20190918-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
1
vulnerability VCID-scm9-j9ah-2qa6
2
vulnerability VCID-srmp-dqh8-gqgk
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/intel-ucode@20190918-1
1
url pkg:rpm/redhat/microcode_ctl@2:1.17-17.25?arch=el6_5
purl pkg:rpm/redhat/microcode_ctl@2:1.17-17.25?arch=el6_5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@2:1.17-17.25%3Farch=el6_5
2
url pkg:rpm/redhat/microcode_ctl@2:1.17-19.23?arch=el6_6
purl pkg:rpm/redhat/microcode_ctl@2:1.17-19.23?arch=el6_6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@2:1.17-19.23%3Farch=el6_6
3
url pkg:rpm/redhat/microcode_ctl@2:1.17-33.19?arch=el6_10
purl pkg:rpm/redhat/microcode_ctl@2:1.17-33.19?arch=el6_10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@2:1.17-33.19%3Farch=el6_10
4
url pkg:rpm/redhat/microcode_ctl@2:2.1-12.24?arch=el7_2
purl pkg:rpm/redhat/microcode_ctl@2:2.1-12.24?arch=el7_2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@2:2.1-12.24%3Farch=el7_2
5
url pkg:rpm/redhat/microcode_ctl@2:2.1-16.27?arch=el7_3
purl pkg:rpm/redhat/microcode_ctl@2:2.1-16.27?arch=el7_3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@2:2.1-16.27%3Farch=el7_3
6
url pkg:rpm/redhat/microcode_ctl@2:2.1-22.26?arch=el7_4
purl pkg:rpm/redhat/microcode_ctl@2:2.1-22.26?arch=el7_4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@2:2.1-22.26%3Farch=el7_4
7
url pkg:rpm/redhat/microcode_ctl@2:2.1-29.24?arch=el7_5
purl pkg:rpm/redhat/microcode_ctl@2:2.1-29.24?arch=el7_5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@2:2.1-29.24%3Farch=el7_5
8
url pkg:rpm/redhat/microcode_ctl@2:2.1-47.8?arch=el7_6
purl pkg:rpm/redhat/microcode_ctl@2:2.1-47.8?arch=el7_6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@2:2.1-47.8%3Farch=el7_6
9
url pkg:rpm/redhat/microcode_ctl@2:2.1-53.3?arch=el7_7
purl pkg:rpm/redhat/microcode_ctl@2:2.1-53.3?arch=el7_7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@2:2.1-53.3%3Farch=el7_7
10
url pkg:rpm/redhat/microcode_ctl@4:20180807a-2.20191112.1?arch=el8_0
purl pkg:rpm/redhat/microcode_ctl@4:20180807a-2.20191112.1?arch=el8_0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@4:20180807a-2.20191112.1%3Farch=el8_0
11
url pkg:rpm/redhat/microcode_ctl@4:20190618-1.20191112.1?arch=el8_1
purl pkg:rpm/redhat/microcode_ctl@4:20190618-1.20191112.1?arch=el8_1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fzh-q1an-1yev
1
vulnerability VCID-scm9-j9ah-2qa6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microcode_ctl@4:20190618-1.20191112.1%3Farch=el8_1
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0117.json
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0117.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0117
reference_id
reference_type
scores
0
value 0.00134
scoring_system epss
scoring_elements 0.32889
published_at 2026-06-04T12:55:00Z
1
value 0.00134
scoring_system epss
scoring_elements 0.32994
published_at 2026-06-05T12:55:00Z
2
value 0.00134
scoring_system epss
scoring_elements 0.33008
published_at 2026-06-06T12:55:00Z
3
value 0.00134
scoring_system epss
scoring_elements 0.32969
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0117
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1758414
reference_id 1758414
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1758414
3
reference_url https://security.archlinux.org/ASA-201911-14
reference_id ASA-201911-14
reference_type
scores
url https://security.archlinux.org/ASA-201911-14
4
reference_url https://security.archlinux.org/AVG-1068
reference_id AVG-1068
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1068
Weaknesses
0
cwe_id 1220
name Insufficient Granularity of Access Control
description The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.
1
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploits
Severity_range_score6.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-3fzh-q1an-1yev