Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-esap-nkps-cfg9
SummaryInvalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.
Aliases
0
alias CVE-2024-35296
Fixed_packages
0
url pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid
purl pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-kjah-am9e-xkev
7
vulnerability VCID-tevw-8dcp-yfh6
8
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid
1
url pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid
purl pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid
2
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid
3
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid
4
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3
5
url pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-jabw-thzt-63bb
7
vulnerability VCID-kjah-am9e-xkev
8
vulnerability VCID-rcdg-j23x-xfbn
9
vulnerability VCID-tevw-8dcp-yfh6
10
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid
Affected_packages
0
url pkg:deb/debian/trafficserver@3.0.5-1
purl pkg:deb/debian/trafficserver@3.0.5-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-41x7-hv4u-byb9
1
vulnerability VCID-4js5-31yx-gkf1
2
vulnerability VCID-4men-293s-3bhn
3
vulnerability VCID-4wwn-74ac-p7dp
4
vulnerability VCID-568b-s8ks-vfa6
5
vulnerability VCID-5781-s1ny-q7ey
6
vulnerability VCID-6bwv-cd3d-mudb
7
vulnerability VCID-73aa-rk27-tye1
8
vulnerability VCID-7nhc-5p2x-t3cj
9
vulnerability VCID-8aev-nmwa-fkcg
10
vulnerability VCID-931v-ukcc-6qaa
11
vulnerability VCID-9pd6-v7d1-9qem
12
vulnerability VCID-9rs4-uvph-3yh7
13
vulnerability VCID-aqt5-2ffy-9bgs
14
vulnerability VCID-au6q-ek7r-8bgr
15
vulnerability VCID-b7zx-ywwc-57d9
16
vulnerability VCID-bb5y-kjej-bbfm
17
vulnerability VCID-bdgg-edbf-xfav
18
vulnerability VCID-btm9-vxvc-3qhv
19
vulnerability VCID-c5hc-3jtx-k3a6
20
vulnerability VCID-c675-5njd-63hk
21
vulnerability VCID-cbe5-hhz8-bqbn
22
vulnerability VCID-cscf-sb71-jybq
23
vulnerability VCID-esap-nkps-cfg9
24
vulnerability VCID-fmwc-nmhh-ryaf
25
vulnerability VCID-fq5y-b9yq-nbee
26
vulnerability VCID-hbte-dsw2-y7ad
27
vulnerability VCID-j6r7-ypa1-zybv
28
vulnerability VCID-jabw-thzt-63bb
29
vulnerability VCID-jb1b-9gr2-suez
30
vulnerability VCID-jdjf-3w9k-xbaw
31
vulnerability VCID-k2ks-3t6e-uqgu
32
vulnerability VCID-khz4-1uav-cqgg
33
vulnerability VCID-m8p8-5n65-qyhy
34
vulnerability VCID-msu4-5h99-2yaq
35
vulnerability VCID-n66u-b73u-zucb
36
vulnerability VCID-nbwy-fdv2-uydt
37
vulnerability VCID-p5f7-uu6r-8bez
38
vulnerability VCID-pxaf-6qxa-77h9
39
vulnerability VCID-qwmj-ez4q-7qex
40
vulnerability VCID-r86j-zujn-f7ez
41
vulnerability VCID-rcdg-j23x-xfbn
42
vulnerability VCID-rw58-bnwt-2bam
43
vulnerability VCID-scpg-5hcj-5yd3
44
vulnerability VCID-skrs-cynm-r7du
45
vulnerability VCID-t559-a5u6-4ke1
46
vulnerability VCID-u4tn-85je-n7gt
47
vulnerability VCID-u5qg-vszr-9ye2
48
vulnerability VCID-ue7s-pn8b-vydz
49
vulnerability VCID-uhqf-tsxe-ayc2
50
vulnerability VCID-uhxq-9bzs-u3fd
51
vulnerability VCID-uvhz-uspt-7ygz
52
vulnerability VCID-uy1m-av2n-jybt
53
vulnerability VCID-va7d-ktp2-m7et
54
vulnerability VCID-w42s-4aps-y3c5
55
vulnerability VCID-waer-as81-8fed
56
vulnerability VCID-xh97-4sn5-vyfw
57
vulnerability VCID-xwdc-hndy-yubc
58
vulnerability VCID-xwru-y5m9-gucd
59
vulnerability VCID-zmh1-wmct-uyf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@3.0.5-1
1
url pkg:deb/debian/trafficserver@6.2.0-1~bpo8%2B1
purl pkg:deb/debian/trafficserver@6.2.0-1~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-41x7-hv4u-byb9
1
vulnerability VCID-4men-293s-3bhn
2
vulnerability VCID-4wwn-74ac-p7dp
3
vulnerability VCID-568b-s8ks-vfa6
4
vulnerability VCID-5781-s1ny-q7ey
5
vulnerability VCID-6bwv-cd3d-mudb
6
vulnerability VCID-73aa-rk27-tye1
7
vulnerability VCID-7nhc-5p2x-t3cj
8
vulnerability VCID-8aev-nmwa-fkcg
9
vulnerability VCID-931v-ukcc-6qaa
10
vulnerability VCID-aqt5-2ffy-9bgs
11
vulnerability VCID-au6q-ek7r-8bgr
12
vulnerability VCID-b7zx-ywwc-57d9
13
vulnerability VCID-bb5y-kjej-bbfm
14
vulnerability VCID-bdgg-edbf-xfav
15
vulnerability VCID-btm9-vxvc-3qhv
16
vulnerability VCID-c5hc-3jtx-k3a6
17
vulnerability VCID-c675-5njd-63hk
18
vulnerability VCID-cbe5-hhz8-bqbn
19
vulnerability VCID-cscf-sb71-jybq
20
vulnerability VCID-esap-nkps-cfg9
21
vulnerability VCID-fmwc-nmhh-ryaf
22
vulnerability VCID-fq5y-b9yq-nbee
23
vulnerability VCID-hbte-dsw2-y7ad
24
vulnerability VCID-j6r7-ypa1-zybv
25
vulnerability VCID-jabw-thzt-63bb
26
vulnerability VCID-jb1b-9gr2-suez
27
vulnerability VCID-jdjf-3w9k-xbaw
28
vulnerability VCID-k2ks-3t6e-uqgu
29
vulnerability VCID-m8p8-5n65-qyhy
30
vulnerability VCID-msu4-5h99-2yaq
31
vulnerability VCID-n66u-b73u-zucb
32
vulnerability VCID-nbwy-fdv2-uydt
33
vulnerability VCID-p5f7-uu6r-8bez
34
vulnerability VCID-pxaf-6qxa-77h9
35
vulnerability VCID-qwmj-ez4q-7qex
36
vulnerability VCID-r86j-zujn-f7ez
37
vulnerability VCID-rcdg-j23x-xfbn
38
vulnerability VCID-rw58-bnwt-2bam
39
vulnerability VCID-scpg-5hcj-5yd3
40
vulnerability VCID-skrs-cynm-r7du
41
vulnerability VCID-t559-a5u6-4ke1
42
vulnerability VCID-u5qg-vszr-9ye2
43
vulnerability VCID-ue7s-pn8b-vydz
44
vulnerability VCID-uhqf-tsxe-ayc2
45
vulnerability VCID-uhxq-9bzs-u3fd
46
vulnerability VCID-uy1m-av2n-jybt
47
vulnerability VCID-va7d-ktp2-m7et
48
vulnerability VCID-w42s-4aps-y3c5
49
vulnerability VCID-waer-as81-8fed
50
vulnerability VCID-xh97-4sn5-vyfw
51
vulnerability VCID-xwdc-hndy-yubc
52
vulnerability VCID-xwru-y5m9-gucd
53
vulnerability VCID-zmh1-wmct-uyf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@6.2.0-1~bpo8%252B1
2
url pkg:deb/debian/trafficserver@7.0.0-4~bpo8%2B1
purl pkg:deb/debian/trafficserver@7.0.0-4~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-41x7-hv4u-byb9
1
vulnerability VCID-4men-293s-3bhn
2
vulnerability VCID-4wwn-74ac-p7dp
3
vulnerability VCID-568b-s8ks-vfa6
4
vulnerability VCID-5781-s1ny-q7ey
5
vulnerability VCID-6bwv-cd3d-mudb
6
vulnerability VCID-73aa-rk27-tye1
7
vulnerability VCID-7nhc-5p2x-t3cj
8
vulnerability VCID-931v-ukcc-6qaa
9
vulnerability VCID-aqt5-2ffy-9bgs
10
vulnerability VCID-au6q-ek7r-8bgr
11
vulnerability VCID-b7zx-ywwc-57d9
12
vulnerability VCID-bb5y-kjej-bbfm
13
vulnerability VCID-bdgg-edbf-xfav
14
vulnerability VCID-btm9-vxvc-3qhv
15
vulnerability VCID-c5hc-3jtx-k3a6
16
vulnerability VCID-c675-5njd-63hk
17
vulnerability VCID-cbe5-hhz8-bqbn
18
vulnerability VCID-cscf-sb71-jybq
19
vulnerability VCID-esap-nkps-cfg9
20
vulnerability VCID-fmwc-nmhh-ryaf
21
vulnerability VCID-fq5y-b9yq-nbee
22
vulnerability VCID-hbte-dsw2-y7ad
23
vulnerability VCID-j6r7-ypa1-zybv
24
vulnerability VCID-jabw-thzt-63bb
25
vulnerability VCID-jb1b-9gr2-suez
26
vulnerability VCID-jdjf-3w9k-xbaw
27
vulnerability VCID-k2ks-3t6e-uqgu
28
vulnerability VCID-msu4-5h99-2yaq
29
vulnerability VCID-n66u-b73u-zucb
30
vulnerability VCID-nbwy-fdv2-uydt
31
vulnerability VCID-p5f7-uu6r-8bez
32
vulnerability VCID-pxaf-6qxa-77h9
33
vulnerability VCID-qwmj-ez4q-7qex
34
vulnerability VCID-r86j-zujn-f7ez
35
vulnerability VCID-rcdg-j23x-xfbn
36
vulnerability VCID-rw58-bnwt-2bam
37
vulnerability VCID-skrs-cynm-r7du
38
vulnerability VCID-t559-a5u6-4ke1
39
vulnerability VCID-u5qg-vszr-9ye2
40
vulnerability VCID-ue7s-pn8b-vydz
41
vulnerability VCID-uhqf-tsxe-ayc2
42
vulnerability VCID-uhxq-9bzs-u3fd
43
vulnerability VCID-uy1m-av2n-jybt
44
vulnerability VCID-va7d-ktp2-m7et
45
vulnerability VCID-w42s-4aps-y3c5
46
vulnerability VCID-waer-as81-8fed
47
vulnerability VCID-xh97-4sn5-vyfw
48
vulnerability VCID-xwdc-hndy-yubc
49
vulnerability VCID-xwru-y5m9-gucd
50
vulnerability VCID-zmh1-wmct-uyf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.0.0-4~bpo8%252B1
3
url pkg:deb/debian/trafficserver@8.0.2%2Bds-1%2Bdeb10u6
purl pkg:deb/debian/trafficserver@8.0.2%2Bds-1%2Bdeb10u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-41x7-hv4u-byb9
1
vulnerability VCID-4men-293s-3bhn
2
vulnerability VCID-4wwn-74ac-p7dp
3
vulnerability VCID-568b-s8ks-vfa6
4
vulnerability VCID-5781-s1ny-q7ey
5
vulnerability VCID-6bwv-cd3d-mudb
6
vulnerability VCID-73aa-rk27-tye1
7
vulnerability VCID-7nhc-5p2x-t3cj
8
vulnerability VCID-931v-ukcc-6qaa
9
vulnerability VCID-aqt5-2ffy-9bgs
10
vulnerability VCID-b7zx-ywwc-57d9
11
vulnerability VCID-bb5y-kjej-bbfm
12
vulnerability VCID-bdgg-edbf-xfav
13
vulnerability VCID-btm9-vxvc-3qhv
14
vulnerability VCID-c5hc-3jtx-k3a6
15
vulnerability VCID-c675-5njd-63hk
16
vulnerability VCID-cbe5-hhz8-bqbn
17
vulnerability VCID-cscf-sb71-jybq
18
vulnerability VCID-esap-nkps-cfg9
19
vulnerability VCID-fmwc-nmhh-ryaf
20
vulnerability VCID-fq5y-b9yq-nbee
21
vulnerability VCID-hbte-dsw2-y7ad
22
vulnerability VCID-j6r7-ypa1-zybv
23
vulnerability VCID-jabw-thzt-63bb
24
vulnerability VCID-jb1b-9gr2-suez
25
vulnerability VCID-jdjf-3w9k-xbaw
26
vulnerability VCID-k2ks-3t6e-uqgu
27
vulnerability VCID-n66u-b73u-zucb
28
vulnerability VCID-p5f7-uu6r-8bez
29
vulnerability VCID-pxaf-6qxa-77h9
30
vulnerability VCID-rcdg-j23x-xfbn
31
vulnerability VCID-rw58-bnwt-2bam
32
vulnerability VCID-skrs-cynm-r7du
33
vulnerability VCID-t559-a5u6-4ke1
34
vulnerability VCID-u5qg-vszr-9ye2
35
vulnerability VCID-uhqf-tsxe-ayc2
36
vulnerability VCID-uhxq-9bzs-u3fd
37
vulnerability VCID-uy1m-av2n-jybt
38
vulnerability VCID-w42s-4aps-y3c5
39
vulnerability VCID-waer-as81-8fed
40
vulnerability VCID-xh97-4sn5-vyfw
41
vulnerability VCID-xwdc-hndy-yubc
42
vulnerability VCID-xwru-y5m9-gucd
43
vulnerability VCID-zmh1-wmct-uyf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.2%252Bds-1%252Bdeb10u6
4
url pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1
purl pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-esap-nkps-cfg9
7
vulnerability VCID-jabw-thzt-63bb
8
vulnerability VCID-jb1b-9gr2-suez
9
vulnerability VCID-kjah-am9e-xkev
10
vulnerability VCID-rcdg-j23x-xfbn
11
vulnerability VCID-rw58-bnwt-2bam
12
vulnerability VCID-tevw-8dcp-yfh6
13
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-35296
reference_id
reference_type
scores
0
value 0.00121
scoring_system epss
scoring_elements 0.30689
published_at 2026-05-14T12:55:00Z
1
value 0.00121
scoring_system epss
scoring_elements 0.30623
published_at 2026-05-12T12:55:00Z
2
value 0.00121
scoring_system epss
scoring_elements 0.3068
published_at 2026-05-09T12:55:00Z
3
value 0.00121
scoring_system epss
scoring_elements 0.30601
published_at 2026-05-11T12:55:00Z
4
value 0.00123
scoring_system epss
scoring_elements 0.31464
published_at 2026-04-08T12:55:00Z
5
value 0.00123
scoring_system epss
scoring_elements 0.31494
published_at 2026-04-09T12:55:00Z
6
value 0.00123
scoring_system epss
scoring_elements 0.31499
published_at 2026-04-11T12:55:00Z
7
value 0.00123
scoring_system epss
scoring_elements 0.31457
published_at 2026-04-12T12:55:00Z
8
value 0.00123
scoring_system epss
scoring_elements 0.31419
published_at 2026-04-13T12:55:00Z
9
value 0.00123
scoring_system epss
scoring_elements 0.31453
published_at 2026-04-16T12:55:00Z
10
value 0.00123
scoring_system epss
scoring_elements 0.31401
published_at 2026-04-21T12:55:00Z
11
value 0.00123
scoring_system epss
scoring_elements 0.31228
published_at 2026-04-24T12:55:00Z
12
value 0.00123
scoring_system epss
scoring_elements 0.31104
published_at 2026-04-26T12:55:00Z
13
value 0.00123
scoring_system epss
scoring_elements 0.31025
published_at 2026-04-29T12:55:00Z
14
value 0.00123
scoring_system epss
scoring_elements 0.30874
published_at 2026-05-05T12:55:00Z
15
value 0.00123
scoring_system epss
scoring_elements 0.30944
published_at 2026-05-07T12:55:00Z
16
value 0.00123
scoring_system epss
scoring_elements 0.31432
published_at 2026-04-18T12:55:00Z
17
value 0.00123
scoring_system epss
scoring_elements 0.31553
published_at 2026-04-02T12:55:00Z
18
value 0.00123
scoring_system epss
scoring_elements 0.31595
published_at 2026-04-04T12:55:00Z
19
value 0.00123
scoring_system epss
scoring_elements 0.31411
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-35296
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35296
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35296
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141
reference_id 1077141
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141
3
reference_url https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0
reference_id c4mcmpblgl8kkmyt56t23543gp8v56m0
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T14:01:18Z/
url https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Exploits
Severity_range_score8.2 - 8.2
Exploitability0.5
Weighted_severity7.4
Risk_score3.7
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-esap-nkps-cfg9