Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-qpfs-f882-gqd3

Summary Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.

Aliases

alias	CVE-2012-3380

Fixed_packages

url	pkg:deb/debian/nginx@1.2.1-2?distro=trixie
purl	pkg:deb/debian/nginx@1.2.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4

purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-22cq-z7km-cfdc

vulnerability	VCID-36pf-ddpb-3khs

vulnerability	VCID-3ysf-pvuu-47bs

vulnerability	VCID-64n7-ygvq-cfds

vulnerability	VCID-9hzg-r1fj-pubf

vulnerability	VCID-asr7-uwpu-a7a5

vulnerability	VCID-bana-j1wy-cfdy

vulnerability	VCID-c4ta-jqmg-wfgf

vulnerability	VCID-c9ym-ckeq-63dq

vulnerability	VCID-cbn4-utmp-n7ba

vulnerability	VCID-cjx4-a19z-xufq

vulnerability	VCID-dmv4-ydq9-a7eq

vulnerability	VCID-e49f-y1ky-5yb4

vulnerability	VCID-eb23-pd25-yqg3

vulnerability	VCID-fgaf-wqmd-gqf3

vulnerability	VCID-jtgk-h6v6-2fgs

vulnerability	VCID-kcsp-h1s5-wbea

vulnerability	VCID-m1y8-m8z6-kyg9

vulnerability	VCID-nckn-qkc8-t7ge

vulnerability	VCID-p933-hxvk-37bk

vulnerability	VCID-pmrf-dxst-p7a7

vulnerability	VCID-qzcz-zvv6-dyda

vulnerability	VCID-rsr7-p977-tycc

vulnerability	VCID-u25m-v3f6-23dk

vulnerability	VCID-u8aq-2qhu-gff5

vulnerability	VCID-uqb5-ensa-8yht

vulnerability	VCID-wc3j-5xmu-kyex

vulnerability	VCID-x8ck-rceh-ukdw

vulnerability	VCID-y3tg-7fge-1yfy

vulnerability	VCID-yu2j-f4q9-bbcx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/nginx@0.4.13-2

purl pkg:deb/debian/nginx@0.4.13-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-22cq-z7km-cfdc

vulnerability	VCID-36pf-ddpb-3khs

vulnerability	VCID-3ysf-pvuu-47bs

vulnerability	VCID-4mqa-bkha-kbaj

vulnerability	VCID-64n7-ygvq-cfds

vulnerability	VCID-9hzg-r1fj-pubf

vulnerability	VCID-asr7-uwpu-a7a5

vulnerability	VCID-bana-j1wy-cfdy

vulnerability	VCID-c4ta-jqmg-wfgf

vulnerability	VCID-c9ym-ckeq-63dq

vulnerability	VCID-cbn4-utmp-n7ba

vulnerability	VCID-cjx4-a19z-xufq

vulnerability	VCID-dmv4-ydq9-a7eq

vulnerability	VCID-e49f-y1ky-5yb4

vulnerability	VCID-eb23-pd25-yqg3

vulnerability	VCID-fgaf-wqmd-gqf3

vulnerability	VCID-g39b-k8vv-kyaq

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-jtgk-h6v6-2fgs

vulnerability	VCID-kcsp-h1s5-wbea

vulnerability	VCID-ktxc-d5t4-bkhg

vulnerability	VCID-m1y8-m8z6-kyg9

vulnerability	VCID-m393-anc8-dfgf

vulnerability	VCID-mhdp-u59y-2kgw

vulnerability	VCID-nckn-qkc8-t7ge

vulnerability	VCID-p933-hxvk-37bk

vulnerability	VCID-pmrf-dxst-p7a7

vulnerability	VCID-qpfs-f882-gqd3

vulnerability	VCID-qzcz-zvv6-dyda

vulnerability	VCID-rsr7-p977-tycc

vulnerability	VCID-t6gs-g1cq-hqem

vulnerability	VCID-u25m-v3f6-23dk

vulnerability	VCID-u8aq-2qhu-gff5

vulnerability	VCID-uqb5-ensa-8yht

vulnerability	VCID-wc3j-5xmu-kyex

vulnerability	VCID-wsxq-wqqr-n3ey

vulnerability	VCID-x8ck-rceh-ukdw

vulnerability	VCID-y3tg-7fge-1yfy

vulnerability	VCID-yu2j-f4q9-bbcx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.4.13-2

url pkg:deb/debian/nginx@0.4.13-2%2Betch3

purl pkg:deb/debian/nginx@0.4.13-2%2Betch3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-22cq-z7km-cfdc

vulnerability	VCID-36pf-ddpb-3khs

vulnerability	VCID-3ysf-pvuu-47bs

vulnerability	VCID-4mqa-bkha-kbaj

vulnerability	VCID-64n7-ygvq-cfds

vulnerability	VCID-9hzg-r1fj-pubf

vulnerability	VCID-asr7-uwpu-a7a5

vulnerability	VCID-bana-j1wy-cfdy

vulnerability	VCID-c4ta-jqmg-wfgf

vulnerability	VCID-c9ym-ckeq-63dq

vulnerability	VCID-cbn4-utmp-n7ba

vulnerability	VCID-cjx4-a19z-xufq

vulnerability	VCID-dmv4-ydq9-a7eq

vulnerability	VCID-e49f-y1ky-5yb4

vulnerability	VCID-eb23-pd25-yqg3

vulnerability	VCID-fgaf-wqmd-gqf3

vulnerability	VCID-g39b-k8vv-kyaq

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-jtgk-h6v6-2fgs

vulnerability	VCID-kcsp-h1s5-wbea

vulnerability	VCID-ktxc-d5t4-bkhg

vulnerability	VCID-m1y8-m8z6-kyg9

vulnerability	VCID-m393-anc8-dfgf

vulnerability	VCID-mhdp-u59y-2kgw

vulnerability	VCID-nckn-qkc8-t7ge

vulnerability	VCID-p933-hxvk-37bk

vulnerability	VCID-pmrf-dxst-p7a7

vulnerability	VCID-qpfs-f882-gqd3

vulnerability	VCID-qzcz-zvv6-dyda

vulnerability	VCID-rsr7-p977-tycc

vulnerability	VCID-t6gs-g1cq-hqem

vulnerability	VCID-u25m-v3f6-23dk

vulnerability	VCID-u8aq-2qhu-gff5

vulnerability	VCID-uqb5-ensa-8yht

vulnerability	VCID-wc3j-5xmu-kyex

vulnerability	VCID-wsxq-wqqr-n3ey

vulnerability	VCID-x8ck-rceh-ukdw

vulnerability	VCID-y3tg-7fge-1yfy

vulnerability	VCID-yu2j-f4q9-bbcx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.4.13-2%252Betch3

url pkg:deb/debian/nginx@0.6.32-3%2Blenny3

purl pkg:deb/debian/nginx@0.6.32-3%2Blenny3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-22cq-z7km-cfdc

vulnerability	VCID-36pf-ddpb-3khs

vulnerability	VCID-3ysf-pvuu-47bs

vulnerability	VCID-4mqa-bkha-kbaj

vulnerability	VCID-64n7-ygvq-cfds

vulnerability	VCID-9hzg-r1fj-pubf

vulnerability	VCID-asr7-uwpu-a7a5

vulnerability	VCID-bana-j1wy-cfdy

vulnerability	VCID-c4ta-jqmg-wfgf

vulnerability	VCID-c9ym-ckeq-63dq

vulnerability	VCID-cbn4-utmp-n7ba

vulnerability	VCID-cjx4-a19z-xufq

vulnerability	VCID-dmv4-ydq9-a7eq

vulnerability	VCID-e49f-y1ky-5yb4

vulnerability	VCID-eb23-pd25-yqg3

vulnerability	VCID-fgaf-wqmd-gqf3

vulnerability	VCID-g39b-k8vv-kyaq

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-jtgk-h6v6-2fgs

vulnerability	VCID-kcsp-h1s5-wbea

vulnerability	VCID-ktxc-d5t4-bkhg

vulnerability	VCID-m1y8-m8z6-kyg9

vulnerability	VCID-m393-anc8-dfgf

vulnerability	VCID-mhdp-u59y-2kgw

vulnerability	VCID-nckn-qkc8-t7ge

vulnerability	VCID-p933-hxvk-37bk

vulnerability	VCID-pmrf-dxst-p7a7

vulnerability	VCID-qpfs-f882-gqd3

vulnerability	VCID-qzcz-zvv6-dyda

vulnerability	VCID-rsr7-p977-tycc

vulnerability	VCID-t6gs-g1cq-hqem

vulnerability	VCID-u25m-v3f6-23dk

vulnerability	VCID-u8aq-2qhu-gff5

vulnerability	VCID-uqb5-ensa-8yht

vulnerability	VCID-wc3j-5xmu-kyex

vulnerability	VCID-wsxq-wqqr-n3ey

vulnerability	VCID-x8ck-rceh-ukdw

vulnerability	VCID-y3tg-7fge-1yfy

vulnerability	VCID-yu2j-f4q9-bbcx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.6.32-3%252Blenny3

url pkg:deb/debian/nginx@0.7.67-3%2Bsqueeze3

purl pkg:deb/debian/nginx@0.7.67-3%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-22cq-z7km-cfdc

vulnerability	VCID-36pf-ddpb-3khs

vulnerability	VCID-3ysf-pvuu-47bs

vulnerability	VCID-4mqa-bkha-kbaj

vulnerability	VCID-64n7-ygvq-cfds

vulnerability	VCID-9hzg-r1fj-pubf

vulnerability	VCID-asr7-uwpu-a7a5

vulnerability	VCID-bana-j1wy-cfdy

vulnerability	VCID-c4ta-jqmg-wfgf

vulnerability	VCID-c9ym-ckeq-63dq

vulnerability	VCID-cbn4-utmp-n7ba

vulnerability	VCID-cjx4-a19z-xufq

vulnerability	VCID-dmv4-ydq9-a7eq

vulnerability	VCID-e49f-y1ky-5yb4

vulnerability	VCID-eb23-pd25-yqg3

vulnerability	VCID-fgaf-wqmd-gqf3

vulnerability	VCID-jtgk-h6v6-2fgs

vulnerability	VCID-kcsp-h1s5-wbea

vulnerability	VCID-ktxc-d5t4-bkhg

vulnerability	VCID-m1y8-m8z6-kyg9

vulnerability	VCID-m393-anc8-dfgf

vulnerability	VCID-nckn-qkc8-t7ge

vulnerability	VCID-p933-hxvk-37bk

vulnerability	VCID-pmrf-dxst-p7a7

vulnerability	VCID-qpfs-f882-gqd3

vulnerability	VCID-qzcz-zvv6-dyda

vulnerability	VCID-rsr7-p977-tycc

vulnerability	VCID-u25m-v3f6-23dk

vulnerability	VCID-u8aq-2qhu-gff5

vulnerability	VCID-uqb5-ensa-8yht

vulnerability	VCID-wc3j-5xmu-kyex

vulnerability	VCID-wsxq-wqqr-n3ey

vulnerability	VCID-x8ck-rceh-ukdw

vulnerability	VCID-y3tg-7fge-1yfy

vulnerability	VCID-yu2j-f4q9-bbcx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.67-3%252Bsqueeze3

url pkg:deb/debian/nginx@0.7.67-3%2Bsqueeze4%2Bdeb6u1

purl pkg:deb/debian/nginx@0.7.67-3%2Bsqueeze4%2Bdeb6u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-22cq-z7km-cfdc

vulnerability	VCID-36pf-ddpb-3khs

vulnerability	VCID-3ysf-pvuu-47bs

vulnerability	VCID-4mqa-bkha-kbaj

vulnerability	VCID-64n7-ygvq-cfds

vulnerability	VCID-9hzg-r1fj-pubf

vulnerability	VCID-asr7-uwpu-a7a5

vulnerability	VCID-bana-j1wy-cfdy

vulnerability	VCID-c4ta-jqmg-wfgf

vulnerability	VCID-c9ym-ckeq-63dq

vulnerability	VCID-cbn4-utmp-n7ba

vulnerability	VCID-cjx4-a19z-xufq

vulnerability	VCID-dmv4-ydq9-a7eq

vulnerability	VCID-e49f-y1ky-5yb4

vulnerability	VCID-eb23-pd25-yqg3

vulnerability	VCID-fgaf-wqmd-gqf3

vulnerability	VCID-jtgk-h6v6-2fgs

vulnerability	VCID-kcsp-h1s5-wbea

vulnerability	VCID-ktxc-d5t4-bkhg

vulnerability	VCID-m1y8-m8z6-kyg9

vulnerability	VCID-m393-anc8-dfgf

vulnerability	VCID-nckn-qkc8-t7ge

vulnerability	VCID-p933-hxvk-37bk

vulnerability	VCID-pmrf-dxst-p7a7

vulnerability	VCID-qpfs-f882-gqd3

vulnerability	VCID-qzcz-zvv6-dyda

vulnerability	VCID-rsr7-p977-tycc

vulnerability	VCID-u25m-v3f6-23dk

vulnerability	VCID-u8aq-2qhu-gff5

vulnerability	VCID-uqb5-ensa-8yht

vulnerability	VCID-wc3j-5xmu-kyex

vulnerability	VCID-wsxq-wqqr-n3ey

vulnerability	VCID-x8ck-rceh-ukdw

vulnerability	VCID-y3tg-7fge-1yfy

vulnerability	VCID-yu2j-f4q9-bbcx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.67-3%252Bsqueeze4%252Bdeb6u1

References

reference_url	http://code.google.com/p/naxsi/
reference_id
reference_type
scores
url	http://code.google.com/p/naxsi/

reference_url	http://code.google.com/p/naxsi/source/detail?r=307
reference_id
reference_type
scores
url	http://code.google.com/p/naxsi/source/detail?r=307

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-3380

reference_id

reference_type

scores

value	0.00166
scoring_system	epss
scoring_elements	0.37649
published_at	2026-04-13T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37549
published_at	2026-04-01T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37731
published_at	2026-04-02T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37756
published_at	2026-04-04T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37633
published_at	2026-04-07T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37685
published_at	2026-04-08T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37698
published_at	2026-04-09T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37712
published_at	2026-04-11T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37677
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-3380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3380

reference_url	http://secunia.com/advisories/49811
reference_id
reference_type
scores
url	http://secunia.com/advisories/49811

reference_url	http://www.openwall.com/lists/oss-security/2012/07/05/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/07/05/1

reference_url	http://www.openwall.com/lists/oss-security/2012/07/06/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/07/06/3

reference_url	http://www.osvdb.org/83617
reference_id
reference_type
scores
url	http://www.osvdb.org/83617

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wargio:naxsi::::::::
reference_id	cpe:2.3:a:wargio:naxsi::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wargio:naxsi::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-3380

reference_id

CVE-2012-3380

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-3380

Weaknesses

cwe_id	22
name	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
description	The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Exploits

Severity_range_score 2.1 - 2.1

Exploitability 0.5

Weighted_severity 1.9

Risk_score 0.9

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpfs-f882-gqd3

Vulnerability Instance