Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-st3k-s15t-8uf5
Summary
Aliases
0
alias CVE-2021-3660
Fixed_packages
0
url pkg:alpm/archlinux/cockpit@254-1
purl pkg:alpm/archlinux/cockpit@254-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cockpit@254-1
1
url pkg:deb/debian/cockpit@254-1?distro=trixie
purl pkg:deb/debian/cockpit@254-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cockpit@254-1%3Fdistro=trixie
2
url pkg:deb/debian/cockpit@287.1-0%2Bdeb12u3
purl pkg:deb/debian/cockpit@287.1-0%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-x83m-8w57-dfa3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cockpit@287.1-0%252Bdeb12u3
3
url pkg:deb/debian/cockpit@287.1-0%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/cockpit@287.1-0%2Bdeb12u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-x83m-8w57-dfa3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cockpit@287.1-0%252Bdeb12u3%3Fdistro=trixie
4
url pkg:deb/debian/cockpit@337-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/cockpit@337-1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-x83m-8w57-dfa3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cockpit@337-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/cockpit@362-1?distro=trixie
purl pkg:deb/debian/cockpit@362-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cockpit@362-1%3Fdistro=trixie
Affected_packages
0
url pkg:alpm/archlinux/cockpit@253-1
purl pkg:alpm/archlinux/cockpit@253-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-st3k-s15t-8uf5
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cockpit@253-1
1
url pkg:deb/debian/cockpit@239-1?distro=trixie
purl pkg:deb/debian/cockpit@239-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-753s-xekx-1feg
1
vulnerability VCID-st3k-s15t-8uf5
2
vulnerability VCID-u4tc-3vwv-vbdd
3
vulnerability VCID-x83m-8w57-dfa3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cockpit@239-1%3Fdistro=trixie
2
url pkg:deb/debian/cockpit@239-1
purl pkg:deb/debian/cockpit@239-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-753s-xekx-1feg
1
vulnerability VCID-st3k-s15t-8uf5
2
vulnerability VCID-u4tc-3vwv-vbdd
3
vulnerability VCID-x83m-8w57-dfa3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cockpit@239-1
3
url pkg:rpm/redhat/cockpit@264.1-1?arch=el8
purl pkg:rpm/redhat/cockpit@264.1-1?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-st3k-s15t-8uf5
1
vulnerability VCID-u4tc-3vwv-vbdd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cockpit@264.1-1%3Farch=el8
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3660.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3660.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3660
reference_id
reference_type
scores
0
value 0.0027
scoring_system epss
scoring_elements 0.50748
published_at 2026-06-11T12:55:00Z
1
value 0.0027
scoring_system epss
scoring_elements 0.50882
published_at 2026-06-12T12:55:00Z
2
value 0.0027
scoring_system epss
scoring_elements 0.50898
published_at 2026-06-13T12:55:00Z
3
value 0.0027
scoring_system epss
scoring_elements 0.50886
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3660
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3660
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3660
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1980688
reference_id 1980688
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1980688
5
reference_url https://security.archlinux.org/AVG-2430
reference_id AVG-2430
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2430
6
reference_url https://access.redhat.com/errata/RHSA-2022:2008
reference_id RHSA-2022:2008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2008
Weaknesses
0
cwe_id 1021
name Improper Restriction of Rendered UI Layers or Frames
description The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-st3k-s15t-8uf5