Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-7nrw-67ae-zbap

Summary GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.

Aliases

alias	CVE-2024-53589

Fixed_packages

url	pkg:deb/debian/binutils@2.43.1-5
purl	pkg:deb/debian/binutils@2.43.1-5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/binutils@2.43.1-5

url	pkg:deb/debian/binutils@2.44-1?distro=trixie
purl	pkg:deb/debian/binutils@2.44-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/binutils@2.44-1%3Fdistro=trixie

url pkg:deb/debian/binutils@2.44-3?distro=trixie

purl pkg:deb/debian/binutils@2.44-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q89-5fpv-xufp

vulnerability	VCID-2bq7-4txd-audc

vulnerability	VCID-2msu-1qmt-j7hh

vulnerability	VCID-47qh-4hy8-fuhr

vulnerability	VCID-484t-wtdb-e3de

vulnerability	VCID-63pk-fun7-3fhr

vulnerability	VCID-8bwu-un3b-jfhq

vulnerability	VCID-a9v8-gc3v-eybb

vulnerability	VCID-b8uw-m25z-sfbg

vulnerability	VCID-becf-z7z4-uuf4

vulnerability	VCID-c6qr-qkbn-cfcx

vulnerability	VCID-ce52-r43w-a7g8

vulnerability	VCID-d5ph-eegf-h3gx

vulnerability	VCID-dm86-sdup-z7e2

vulnerability	VCID-dy6u-1dju-57bw

vulnerability	VCID-g8xf-e4q5-33d2

vulnerability	VCID-h66d-2att-afab

vulnerability	VCID-jmnb-p5js-gkcy

vulnerability	VCID-kjbz-f1q3-pbdw

vulnerability	VCID-m29v-t4rx-rqfu

vulnerability	VCID-nz18-v55y-5kav

vulnerability	VCID-p2j2-ewme-hqff

vulnerability	VCID-pdjd-2pxy-5qhg

vulnerability	VCID-tzx1-f57b-pqfy

vulnerability	VCID-urtu-grgf-nkbs

vulnerability	VCID-v7ew-yr1f-2yec

vulnerability	VCID-v8et-6ggb-afen

vulnerability	VCID-zs44-kckm-pyb7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/binutils@2.44-3%3Fdistro=trixie

url	pkg:deb/debian/binutils@2.46-3?distro=trixie
purl	pkg:deb/debian/binutils@2.46-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/binutils@2.46-3%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/binutils@2.35.2-2

purl pkg:deb/debian/binutils@2.35.2-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-13sg-vnwx-e3au

vulnerability	VCID-1q89-5fpv-xufp

vulnerability	VCID-26nf-gatz-w7d9

vulnerability	VCID-2bq7-4txd-audc

vulnerability	VCID-2msu-1qmt-j7hh

vulnerability	VCID-31xx-kcqr-uyb5

vulnerability	VCID-39b4-jy5b-wyhv

vulnerability	VCID-3qpx-z6qm-jycg

vulnerability	VCID-3qs1-hpg5-rkgu

vulnerability	VCID-47qh-4hy8-fuhr

vulnerability	VCID-484t-wtdb-e3de

vulnerability	VCID-63pk-fun7-3fhr

vulnerability	VCID-6f4u-nbce-fyeq

vulnerability	VCID-6kcf-s35h-uqhk

vulnerability	VCID-7nrw-67ae-zbap

vulnerability	VCID-8bwu-un3b-jfhq

vulnerability	VCID-8eu7-1vxt-9kh2

vulnerability	VCID-94gu-dt9j-9kcq

vulnerability	VCID-9b55-m8k1-p3ad

vulnerability	VCID-a5c8-dd7w-b7a3

vulnerability	VCID-a72c-187w-uqem

vulnerability	VCID-a7am-aqmd-akhe

vulnerability	VCID-a9v8-gc3v-eybb

vulnerability	VCID-aaya-jzc2-pyem

vulnerability	VCID-ayra-kncw-xfem

vulnerability	VCID-b6v7-xrsy-kffw

vulnerability	VCID-b8uw-m25z-sfbg

vulnerability	VCID-becf-z7z4-uuf4

vulnerability	VCID-bw9y-d617-y3cn

vulnerability	VCID-c6qr-qkbn-cfcx

vulnerability	VCID-ce52-r43w-a7g8

vulnerability	VCID-d5ph-eegf-h3gx

vulnerability	VCID-dm86-sdup-z7e2

vulnerability	VCID-dy6u-1dju-57bw

vulnerability	VCID-g8xf-e4q5-33d2

vulnerability	VCID-h2vh-h3t3-fbea

vulnerability	VCID-h66d-2att-afab

vulnerability	VCID-h6j5-rr4h-xkgm

vulnerability	VCID-hkky-g7kv-kkg3

vulnerability	VCID-jmnb-p5js-gkcy

vulnerability	VCID-kjbz-f1q3-pbdw

vulnerability	VCID-m29v-t4rx-rqfu

vulnerability	VCID-m3eb-2q8j-ryde

vulnerability	VCID-mjxb-h3c2-xqae

vulnerability	VCID-mpwg-g44n-b3a4

vulnerability	VCID-nkj3-v17h-gfdh

vulnerability	VCID-nz18-v55y-5kav

vulnerability	VCID-p2j2-ewme-hqff

vulnerability	VCID-pdjd-2pxy-5qhg

vulnerability	VCID-pp32-aq7j-dqc5

vulnerability	VCID-r16e-t1ks-3bgg

vulnerability	VCID-rfv2-sye9-3ua2

vulnerability	VCID-samj-nyu7-73eh

vulnerability	VCID-tm7f-qkd5-ruez

vulnerability	VCID-tzx1-f57b-pqfy

vulnerability	VCID-ud5g-wn8w-syhe

vulnerability	VCID-urtu-grgf-nkbs

vulnerability	VCID-urxv-f5cr-q7hn

vulnerability	VCID-v7ew-yr1f-2yec

vulnerability	VCID-v8et-6ggb-afen

vulnerability	VCID-vvdq-88wp-a3fw

vulnerability	VCID-wgpn-1e2g-kkdh

vulnerability	VCID-x8jp-gd9c-j3gc

vulnerability	VCID-yzkq-1m63-g7gc

vulnerability	VCID-zaxe-xnj6-6qdd

vulnerability	VCID-zs44-kckm-pyb7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/binutils@2.35.2-2

url pkg:deb/debian/binutils@2.35.2-2?distro=trixie

purl pkg:deb/debian/binutils@2.35.2-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-13sg-vnwx-e3au

vulnerability	VCID-1q89-5fpv-xufp

vulnerability	VCID-26nf-gatz-w7d9

vulnerability	VCID-2bq7-4txd-audc

vulnerability	VCID-2msu-1qmt-j7hh

vulnerability	VCID-31xx-kcqr-uyb5

vulnerability	VCID-39b4-jy5b-wyhv

vulnerability	VCID-3qpx-z6qm-jycg

vulnerability	VCID-3qs1-hpg5-rkgu

vulnerability	VCID-47qh-4hy8-fuhr

vulnerability	VCID-484t-wtdb-e3de

vulnerability	VCID-63pk-fun7-3fhr

vulnerability	VCID-6f4u-nbce-fyeq

vulnerability	VCID-6kcf-s35h-uqhk

vulnerability	VCID-7nrw-67ae-zbap

vulnerability	VCID-8bwu-un3b-jfhq

vulnerability	VCID-8eu7-1vxt-9kh2

vulnerability	VCID-94gu-dt9j-9kcq

vulnerability	VCID-9b55-m8k1-p3ad

vulnerability	VCID-a5c8-dd7w-b7a3

vulnerability	VCID-a72c-187w-uqem

vulnerability	VCID-a7am-aqmd-akhe

vulnerability	VCID-a9v8-gc3v-eybb

vulnerability	VCID-aaya-jzc2-pyem

vulnerability	VCID-ayra-kncw-xfem

vulnerability	VCID-b6v7-xrsy-kffw

vulnerability	VCID-b8uw-m25z-sfbg

vulnerability	VCID-becf-z7z4-uuf4

vulnerability	VCID-bw9y-d617-y3cn

vulnerability	VCID-c6qr-qkbn-cfcx

vulnerability	VCID-ce52-r43w-a7g8

vulnerability	VCID-d5ph-eegf-h3gx

vulnerability	VCID-dm86-sdup-z7e2

vulnerability	VCID-dy6u-1dju-57bw

vulnerability	VCID-g8xf-e4q5-33d2

vulnerability	VCID-h2vh-h3t3-fbea

vulnerability	VCID-h66d-2att-afab

vulnerability	VCID-h6j5-rr4h-xkgm

vulnerability	VCID-hkky-g7kv-kkg3

vulnerability	VCID-jmnb-p5js-gkcy

vulnerability	VCID-kjbz-f1q3-pbdw

vulnerability	VCID-m29v-t4rx-rqfu

vulnerability	VCID-m3eb-2q8j-ryde

vulnerability	VCID-mjxb-h3c2-xqae

vulnerability	VCID-mpwg-g44n-b3a4

vulnerability	VCID-nkj3-v17h-gfdh

vulnerability	VCID-nz18-v55y-5kav

vulnerability	VCID-p2j2-ewme-hqff

vulnerability	VCID-pdjd-2pxy-5qhg

vulnerability	VCID-pp32-aq7j-dqc5

vulnerability	VCID-r16e-t1ks-3bgg

vulnerability	VCID-rfv2-sye9-3ua2

vulnerability	VCID-samj-nyu7-73eh

vulnerability	VCID-tm7f-qkd5-ruez

vulnerability	VCID-tzx1-f57b-pqfy

vulnerability	VCID-ud5g-wn8w-syhe

vulnerability	VCID-urtu-grgf-nkbs

vulnerability	VCID-urxv-f5cr-q7hn

vulnerability	VCID-v7ew-yr1f-2yec

vulnerability	VCID-v8et-6ggb-afen

vulnerability	VCID-vvdq-88wp-a3fw

vulnerability	VCID-wgpn-1e2g-kkdh

vulnerability	VCID-x8jp-gd9c-j3gc

vulnerability	VCID-yzkq-1m63-g7gc

vulnerability	VCID-zaxe-xnj6-6qdd

vulnerability	VCID-zs44-kckm-pyb7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/binutils@2.35.2-2%3Fdistro=trixie

url pkg:deb/debian/binutils@2.40-2

purl pkg:deb/debian/binutils@2.40-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q89-5fpv-xufp

vulnerability	VCID-2bq7-4txd-audc

vulnerability	VCID-2msu-1qmt-j7hh

vulnerability	VCID-31xx-kcqr-uyb5

vulnerability	VCID-47qh-4hy8-fuhr

vulnerability	VCID-484t-wtdb-e3de

vulnerability	VCID-63pk-fun7-3fhr

vulnerability	VCID-7nrw-67ae-zbap

vulnerability	VCID-8bwu-un3b-jfhq

vulnerability	VCID-8eu7-1vxt-9kh2

vulnerability	VCID-a9v8-gc3v-eybb

vulnerability	VCID-ayra-kncw-xfem

vulnerability	VCID-b8uw-m25z-sfbg

vulnerability	VCID-becf-z7z4-uuf4

vulnerability	VCID-c6qr-qkbn-cfcx

vulnerability	VCID-ce52-r43w-a7g8

vulnerability	VCID-d5ph-eegf-h3gx

vulnerability	VCID-dm86-sdup-z7e2

vulnerability	VCID-dy6u-1dju-57bw

vulnerability	VCID-g8xf-e4q5-33d2

vulnerability	VCID-h66d-2att-afab

vulnerability	VCID-h6j5-rr4h-xkgm

vulnerability	VCID-jmnb-p5js-gkcy

vulnerability	VCID-kjbz-f1q3-pbdw

vulnerability	VCID-m29v-t4rx-rqfu

vulnerability	VCID-nz18-v55y-5kav

vulnerability	VCID-p2j2-ewme-hqff

vulnerability	VCID-pdjd-2pxy-5qhg

vulnerability	VCID-tzx1-f57b-pqfy

vulnerability	VCID-urtu-grgf-nkbs

vulnerability	VCID-v7ew-yr1f-2yec

vulnerability	VCID-v8et-6ggb-afen

vulnerability	VCID-wgpn-1e2g-kkdh

vulnerability	VCID-zs44-kckm-pyb7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/binutils@2.40-2

url pkg:deb/debian/binutils@2.40-2?distro=trixie

purl pkg:deb/debian/binutils@2.40-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q89-5fpv-xufp

vulnerability	VCID-2bq7-4txd-audc

vulnerability	VCID-2msu-1qmt-j7hh

vulnerability	VCID-31xx-kcqr-uyb5

vulnerability	VCID-47qh-4hy8-fuhr

vulnerability	VCID-484t-wtdb-e3de

vulnerability	VCID-63pk-fun7-3fhr

vulnerability	VCID-7nrw-67ae-zbap

vulnerability	VCID-8bwu-un3b-jfhq

vulnerability	VCID-8eu7-1vxt-9kh2

vulnerability	VCID-a9v8-gc3v-eybb

vulnerability	VCID-ayra-kncw-xfem

vulnerability	VCID-b8uw-m25z-sfbg

vulnerability	VCID-becf-z7z4-uuf4

vulnerability	VCID-c6qr-qkbn-cfcx

vulnerability	VCID-ce52-r43w-a7g8

vulnerability	VCID-d5ph-eegf-h3gx

vulnerability	VCID-dm86-sdup-z7e2

vulnerability	VCID-dy6u-1dju-57bw

vulnerability	VCID-g8xf-e4q5-33d2

vulnerability	VCID-h66d-2att-afab

vulnerability	VCID-h6j5-rr4h-xkgm

vulnerability	VCID-jmnb-p5js-gkcy

vulnerability	VCID-kjbz-f1q3-pbdw

vulnerability	VCID-m29v-t4rx-rqfu

vulnerability	VCID-nz18-v55y-5kav

vulnerability	VCID-p2j2-ewme-hqff

vulnerability	VCID-pdjd-2pxy-5qhg

vulnerability	VCID-tzx1-f57b-pqfy

vulnerability	VCID-urtu-grgf-nkbs

vulnerability	VCID-v7ew-yr1f-2yec

vulnerability	VCID-v8et-6ggb-afen

vulnerability	VCID-wgpn-1e2g-kkdh

vulnerability	VCID-zs44-kckm-pyb7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/binutils@2.40-2%3Fdistro=trixie

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53589.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53589.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-53589

reference_id

reference_type

scores

value	0.00235
scoring_system	epss
scoring_elements	0.46512
published_at	2026-06-09T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46547
published_at	2026-06-05T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46548
published_at	2026-06-06T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46527
published_at	2026-06-07T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46501
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-53589

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53589
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53589

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2330669
reference_id	2330669
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2330669

reference_url

https://www.gnu.org/software/binutils/

reference_id

binutils

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-12-11T16:27:26Z/

url

https://www.gnu.org/software/binutils/

reference_url

https://bushido-sec.com/index.php/2024/12/05/binutils-objdump-tekhex-buffer-overflow/

reference_id

binutils-objdump-tekhex-buffer-overflow

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-12-11T16:27:26Z/

url

https://bushido-sec.com/index.php/2024/12/05/binutils-objdump-tekhex-buffer-overflow/

Weaknesses

cwe_id	125
name	Out-of-bounds Read
description	The product reads data past the end, or before the beginning, of the intended buffer.

Exploits

Severity_range_score 6.6 - 8.4

Exploitability 0.5

Weighted_severity 5.9

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nrw-67ae-zbap

Vulnerability Instance