Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-4738-xk8n-hbac
SummaryImproper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.
Aliases
0
alias CVE-2024-38311
Fixed_packages
0
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid
1
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3
2
url pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid
Affected_packages
0
url pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1
purl pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-esap-nkps-cfg9
7
vulnerability VCID-jabw-thzt-63bb
8
vulnerability VCID-jb1b-9gr2-suez
9
vulnerability VCID-kjah-am9e-xkev
10
vulnerability VCID-rcdg-j23x-xfbn
11
vulnerability VCID-rw58-bnwt-2bam
12
vulnerability VCID-tevw-8dcp-yfh6
13
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1
1
url pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid
purl pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-kjah-am9e-xkev
7
vulnerability VCID-tevw-8dcp-yfh6
8
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid
2
url pkg:deb/debian/trafficserver@9.2.5%2Bds-1
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-jabw-thzt-63bb
7
vulnerability VCID-kjah-am9e-xkev
8
vulnerability VCID-rcdg-j23x-xfbn
9
vulnerability VCID-tevw-8dcp-yfh6
10
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1
3
url pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid
purl pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4738-xk8n-hbac
1
vulnerability VCID-4hs3-be7k-9qe7
2
vulnerability VCID-4uhe-mtbx-nfdu
3
vulnerability VCID-5e1r-3jec-tkhp
4
vulnerability VCID-c62p-6ghw-j3dv
5
vulnerability VCID-eay7-63um-43e9
6
vulnerability VCID-jabw-thzt-63bb
7
vulnerability VCID-kjah-am9e-xkev
8
vulnerability VCID-rcdg-j23x-xfbn
9
vulnerability VCID-tevw-8dcp-yfh6
10
vulnerability VCID-ww3t-p3pq-gkhy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38311
reference_id
reference_type
scores
0
value 0.00082
scoring_system epss
scoring_elements 0.23914
published_at 2026-05-14T12:55:00Z
1
value 0.00082
scoring_system epss
scoring_elements 0.24026
published_at 2026-04-18T12:55:00Z
2
value 0.00082
scoring_system epss
scoring_elements 0.24008
published_at 2026-04-21T12:55:00Z
3
value 0.00082
scoring_system epss
scoring_elements 0.23881
published_at 2026-04-24T12:55:00Z
4
value 0.00082
scoring_system epss
scoring_elements 0.23867
published_at 2026-04-26T12:55:00Z
5
value 0.00082
scoring_system epss
scoring_elements 0.23825
published_at 2026-04-29T12:55:00Z
6
value 0.00082
scoring_system epss
scoring_elements 0.23705
published_at 2026-05-05T12:55:00Z
7
value 0.00082
scoring_system epss
scoring_elements 0.23789
published_at 2026-05-07T12:55:00Z
8
value 0.00082
scoring_system epss
scoring_elements 0.2386
published_at 2026-05-09T12:55:00Z
9
value 0.00082
scoring_system epss
scoring_elements 0.23805
published_at 2026-05-11T12:55:00Z
10
value 0.00082
scoring_system epss
scoring_elements 0.23824
published_at 2026-05-12T12:55:00Z
11
value 0.00082
scoring_system epss
scoring_elements 0.24039
published_at 2026-04-16T12:55:00Z
12
value 0.00274
scoring_system epss
scoring_elements 0.5085
published_at 2026-04-13T12:55:00Z
13
value 0.00745
scoring_system epss
scoring_elements 0.73
published_at 2026-04-02T12:55:00Z
14
value 0.00745
scoring_system epss
scoring_elements 0.7302
published_at 2026-04-04T12:55:00Z
15
value 0.00745
scoring_system epss
scoring_elements 0.72996
published_at 2026-04-07T12:55:00Z
16
value 0.00745
scoring_system epss
scoring_elements 0.73033
published_at 2026-04-08T12:55:00Z
17
value 0.00745
scoring_system epss
scoring_elements 0.73047
published_at 2026-04-09T12:55:00Z
18
value 0.00745
scoring_system epss
scoring_elements 0.73071
published_at 2026-04-11T12:55:00Z
19
value 0.00745
scoring_system epss
scoring_elements 0.7305
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38311
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38311
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38311
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691
reference_id 1099691
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691
3
reference_url https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023
reference_id btofzws2yqskk2n7f01r3l1819x01023
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:35:26Z/
url https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Exploits
Severity_range_score6.3 - 6.3
Exploitability0.5
Weighted_severity5.7
Risk_score2.9
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-4738-xk8n-hbac