Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/openvpn@2.4.9-r0?arch=loongarch64&distroversion=v3.21&reponame=main
Typeapk
Namespacealpine
Nameopenvpn
Version2.4.9-r0
Qualifiers
arch loongarch64
distroversion v3.21
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.5.2-r0
Latest_non_vulnerable_version2.6.16-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-69y7-qv5p-gqar
vulnerability_id VCID-69y7-qv5p-gqar
summary An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be dropped. This requires careful timing due to the small time window (usually within a few seconds) between the victim client connection starting and the server PUSH_REPLY response back to the client. This attack will only work if Negotiable Cipher Parameters (NCP) is in use.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11810
reference_id
reference_type
scores
0
value 0.02358
scoring_system epss
scoring_elements 0.84945
published_at 2026-04-18T12:55:00Z
1
value 0.02358
scoring_system epss
scoring_elements 0.84944
published_at 2026-04-16T12:55:00Z
2
value 0.02358
scoring_system epss
scoring_elements 0.84845
published_at 2026-04-01T12:55:00Z
3
value 0.02358
scoring_system epss
scoring_elements 0.84861
published_at 2026-04-02T12:55:00Z
4
value 0.02358
scoring_system epss
scoring_elements 0.84879
published_at 2026-04-04T12:55:00Z
5
value 0.02358
scoring_system epss
scoring_elements 0.84881
published_at 2026-04-07T12:55:00Z
6
value 0.02358
scoring_system epss
scoring_elements 0.84904
published_at 2026-04-08T12:55:00Z
7
value 0.02358
scoring_system epss
scoring_elements 0.84911
published_at 2026-04-09T12:55:00Z
8
value 0.02358
scoring_system epss
scoring_elements 0.84929
published_at 2026-04-11T12:55:00Z
9
value 0.02358
scoring_system epss
scoring_elements 0.84928
published_at 2026-04-12T12:55:00Z
10
value 0.02358
scoring_system epss
scoring_elements 0.84922
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11810
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/ASA-202004-16
reference_id ASA-202004-16
reference_type
scores
url https://security.archlinux.org/ASA-202004-16
4
reference_url https://security.archlinux.org/AVG-1135
reference_id AVG-1135
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1135
5
reference_url https://usn.ubuntu.com/4933-1/
reference_id USN-4933-1
reference_type
scores
url https://usn.ubuntu.com/4933-1/
fixed_packages
0
url pkg:apk/alpine/openvpn@2.4.9-r0?arch=loongarch64&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/openvpn@2.4.9-r0?arch=loongarch64&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@2.4.9-r0%3Farch=loongarch64&distroversion=v3.21&reponame=main
aliases CVE-2020-11810
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-69y7-qv5p-gqar
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@2.4.9-r0%3Farch=loongarch64&distroversion=v3.21&reponame=main