Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-hgm4-mszj-53hv

Summary

Aliases

alias	CVE-2019-19794

alias	GHSA-44r7-7p62-q3fr

Fixed_packages

url	pkg:deb/debian/golang-github-miekg-dns@1.1.26-1?distro=trixie
purl	pkg:deb/debian/golang-github-miekg-dns@1.1.26-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-miekg-dns@1.1.26-1%3Fdistro=trixie

url	pkg:deb/debian/golang-github-miekg-dns@1.1.35-1
purl	pkg:deb/debian/golang-github-miekg-dns@1.1.35-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-miekg-dns@1.1.35-1

url	pkg:deb/debian/golang-github-miekg-dns@1.1.35-1?distro=trixie
purl	pkg:deb/debian/golang-github-miekg-dns@1.1.35-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-miekg-dns@1.1.35-1%3Fdistro=trixie

url	pkg:deb/debian/golang-github-miekg-dns@1.1.50-2?distro=trixie
purl	pkg:deb/debian/golang-github-miekg-dns@1.1.50-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-miekg-dns@1.1.50-2%3Fdistro=trixie

url	pkg:deb/debian/golang-github-miekg-dns@1.1.64-1?distro=trixie
purl	pkg:deb/debian/golang-github-miekg-dns@1.1.64-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-miekg-dns@1.1.64-1%3Fdistro=trixie

url	pkg:deb/debian/golang-github-miekg-dns@1.1.72-1?distro=trixie
purl	pkg:deb/debian/golang-github-miekg-dns@1.1.72-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-miekg-dns@1.1.72-1%3Fdistro=trixie

url	pkg:golang/github.com/miekg/dns@1.1.25
purl	pkg:golang/github.com/miekg/dns@1.1.25
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:golang/github.com/miekg/dns@1.1.25

Affected_packages

url pkg:deb/debian/golang-github-miekg-dns@0.0~git20161018.0.58f52c5-1~bpo8%2B2

purl pkg:deb/debian/golang-github-miekg-dns@0.0~git20161018.0.58f52c5-1~bpo8%2B2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1dvp-r3yh-1ya4

vulnerability	VCID-hgm4-mszj-53hv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-miekg-dns@0.0~git20161018.0.58f52c5-1~bpo8%252B2

url pkg:deb/debian/golang-github-miekg-dns@0.0~git20161018.0.58f52c5-1

purl pkg:deb/debian/golang-github-miekg-dns@0.0~git20161018.0.58f52c5-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1dvp-r3yh-1ya4

vulnerability	VCID-hgm4-mszj-53hv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-miekg-dns@0.0~git20161018.0.58f52c5-1

url pkg:deb/debian/golang-github-miekg-dns@1.0.4%2Bds-1

purl pkg:deb/debian/golang-github-miekg-dns@1.0.4%2Bds-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hgm4-mszj-53hv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-miekg-dns@1.0.4%252Bds-1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19794.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19794.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19794

reference_id

reference_type

scores

value	0.00297
scoring_system	epss
scoring_elements	0.53644
published_at	2026-06-12T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53517
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19794

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/coredns/coredns/issues/3519

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/coredns/coredns/issues/3519

reference_url

https://github.com/coredns/coredns/issues/3547

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/coredns/coredns/issues/3547

reference_url

https://github.com/miekg/dns/commit/8ebf2e419df7857ac8919baa05248789a8ffbf33

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/miekg/dns/commit/8ebf2e419df7857ac8919baa05248789a8ffbf33

reference_url

https://github.com/miekg/dns/compare/v1.1.24...v1.1.25

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/miekg/dns/compare/v1.1.24...v1.1.25

reference_url

https://github.com/miekg/dns/issues/1037

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/miekg/dns/issues/1037

reference_url

https://github.com/miekg/dns/issues/1043

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/miekg/dns/issues/1043

reference_url

https://github.com/miekg/dns/pull/1044

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/miekg/dns/pull/1044

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-19794

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-19794

reference_url

https://pkg.go.dev/vuln/GO-2020-0008

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2020-0008

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1786761
reference_id	1786761
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1786761

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947403
reference_id	947403
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947403

reference_url	https://access.redhat.com/errata/RHSA-2020:5198
reference_id	RHSA-2020:5198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5198

reference_url	https://access.redhat.com/errata/RHSA-2022:2183
reference_id	RHSA-2022:2183
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2183

Weaknesses

cwe_id	338
name	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
description	The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

cwe_id	330
name	Use of Insufficiently Random Values
description	The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgm4-mszj-53hv

Vulnerability Instance