Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-k4qv-8ggs-afef

Summary bind: assertion failure in DNSSEC validation

Aliases

alias	CVE-2017-3139

Fixed_packages

url	pkg:deb/debian/bind9@0?distro=trixie
purl	pkg:deb/debian/bind9@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie

url pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie

purl pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d9np-47r3-rkg1

vulnerability	VCID-gdhz-6yzf-afda

vulnerability	VCID-unqt-mcxv-c7fw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie

url pkg:deb/debian/bind9@1:9.18.41-1~deb12u1?distro=trixie

purl pkg:deb/debian/bind9@1:9.18.41-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d9np-47r3-rkg1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.41-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/bind9@1:9.20.18-1~deb13u1?distro=trixie
purl	pkg:deb/debian/bind9@1:9.20.18-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.18-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/bind9@1:9.20.21-1?distro=trixie
purl	pkg:deb/debian/bind9@1:9.20.21-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1%3Fdistro=trixie

url	pkg:deb/debian/bind9@1:9.20.22-1?distro=trixie
purl	pkg:deb/debian/bind9@1:9.20.22-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.22-1%3Fdistro=trixie

Affected_packages

url pkg:rpm/redhat/bind@32:9.7.3-8.P3.el6_2?arch=9

purl pkg:rpm/redhat/bind@32:9.7.3-8.P3.el6_2?arch=9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5jpj-6zqd-3ub9

vulnerability	VCID-k4qv-8ggs-afef

vulnerability	VCID-sh9s-2ef5-ruct

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bind@32:9.7.3-8.P3.el6_2%3Farch=9

url pkg:rpm/redhat/bind@32:9.8.2-0.17.rc1.el6_4?arch=12

purl pkg:rpm/redhat/bind@32:9.8.2-0.17.rc1.el6_4?arch=12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5jpj-6zqd-3ub9

vulnerability	VCID-k4qv-8ggs-afef

vulnerability	VCID-sh9s-2ef5-ruct

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bind@32:9.8.2-0.17.rc1.el6_4%3Farch=12

url pkg:rpm/redhat/bind@32:9.8.2-0.23.rc1.el6_5?arch=7

purl pkg:rpm/redhat/bind@32:9.8.2-0.23.rc1.el6_5?arch=7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5jpj-6zqd-3ub9

vulnerability	VCID-k4qv-8ggs-afef

vulnerability	VCID-sh9s-2ef5-ruct

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bind@32:9.8.2-0.23.rc1.el6_5%3Farch=7

url pkg:rpm/redhat/bind@32:9.8.2-0.30.rc1.el6_6?arch=9

purl pkg:rpm/redhat/bind@32:9.8.2-0.30.rc1.el6_6?arch=9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5jpj-6zqd-3ub9

vulnerability	VCID-k4qv-8ggs-afef

vulnerability	VCID-sh9s-2ef5-ruct

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bind@32:9.8.2-0.30.rc1.el6_6%3Farch=9

url pkg:rpm/redhat/bind@32:9.8.2-0.37.rc1.el6_7?arch=11

purl pkg:rpm/redhat/bind@32:9.8.2-0.37.rc1.el6_7?arch=11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5jpj-6zqd-3ub9

vulnerability	VCID-k4qv-8ggs-afef

vulnerability	VCID-sh9s-2ef5-ruct

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bind@32:9.8.2-0.37.rc1.el6_7%3Farch=11

url pkg:rpm/redhat/bind@32:9.8.2-0.62.rc1.el6_9?arch=2

purl pkg:rpm/redhat/bind@32:9.8.2-0.62.rc1.el6_9?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-k4qv-8ggs-afef

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bind@32:9.8.2-0.62.rc1.el6_9%3Farch=2

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3139.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3139.json

reference_url	https://access.redhat.com/security/cve/cve-2017-3139
reference_id
reference_type
scores
url	https://access.redhat.com/security/cve/cve-2017-3139

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-3139

reference_id

reference_type

scores

value	0.00723
scoring_system	epss
scoring_elements	0.7249
published_at	2026-04-07T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72717
published_at	2026-05-14T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72673
published_at	2026-05-09T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72637
published_at	2026-05-11T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72663
published_at	2026-05-12T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72497
published_at	2026-04-02T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72514
published_at	2026-04-04T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72529
published_at	2026-04-08T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72541
published_at	2026-04-09T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72565
published_at	2026-04-11T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72548
published_at	2026-04-12T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72538
published_at	2026-04-13T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.7258
published_at	2026-04-21T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.7259
published_at	2026-04-18T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72622
published_at	2026-04-24T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.7263
published_at	2026-04-26T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72627
published_at	2026-04-29T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72619
published_at	2026-05-05T12:55:00Z

value	0.00723
scoring_system	epss
scoring_elements	0.72649
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-3139

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1447743
reference_id	1447743
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1447743

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-3139

reference_id

CVE-2017-3139

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-3139

reference_url	https://access.redhat.com/errata/RHSA-2017:1202
reference_id	RHSA-2017:1202
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1202

reference_url	https://access.redhat.com/errata/RHSA-2017:1582
reference_id	RHSA-2017:1582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1582

Weaknesses

cwe_id	617
name	Reachable Assertion
description	The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

Exploits

Severity_range_score 5.0 - 7.5

Exploitability 0.5

Weighted_severity 6.8

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4qv-8ggs-afef

Vulnerability Instance