Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1
Typedeb
Namespacedebian
Namekeystone
Version2:27.0.0-3+deb13u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2:29.0.1-1
Latest_non_vulnerable_version2:29.0.1-1
Affected_by_vulnerabilities
0
url VCID-6wj2-abbb-xqf6
vulnerability_id VCID-6wj2-abbb-xqf6
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33551.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33551.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33551
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05506
published_at 2026-04-11T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05486
published_at 2026-04-13T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05493
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06264
published_at 2026-04-21T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06101
published_at 2026-04-16T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33551
2
reference_url https://bugs.launchpad.net/keystone/+bug/2142138
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:50:09Z/
url https://bugs.launchpad.net/keystone/+bug/2142138
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33551
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33551
4
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33551
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33551
6
reference_url https://security.openstack.org/ossa/OSSA-2026-005.html
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:50:09Z/
url https://security.openstack.org/ossa/OSSA-2026-005.html
7
reference_url http://www.openwall.com/lists/oss-security/2026/04/07/12
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/07/12
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133118
reference_id 1133118
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133118
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451037
reference_id 2451037
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451037
10
reference_url https://github.com/advisories/GHSA-4phw-6824-6cfp
reference_id GHSA-4phw-6824-6cfp
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4phw-6824-6cfp
fixed_packages
0
url pkg:deb/debian/keystone@2:29.0.0-2
purl pkg:deb/debian/keystone@2:29.0.0-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-2
1
url pkg:deb/debian/keystone@2:29.0.0-3
purl pkg:deb/debian/keystone@2:29.0.0-3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-3
2
url pkg:deb/debian/keystone@2:29.0.1-1
purl pkg:deb/debian/keystone@2:29.0.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.1-1
aliases CVE-2026-33551, GHSA-4phw-6824-6cfp
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wj2-abbb-xqf6
Fixing_vulnerabilities
0
url VCID-93vc-hgec-nfe6
vulnerability_id VCID-93vc-hgec-nfe6
summary 
Openstack Keystone Incorrect Authorization vulnerability
A flaw was found in openstack-keystone, only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity. A [patch](https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca) is available.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3563.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3563.json
1
reference_url https://access.redhat.com/security/cve/CVE-2021-3563
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3563
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3563
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17584
published_at 2026-04-16T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.17628
published_at 2026-04-21T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17689
published_at 2026-04-12T12:55:00Z
3
value 0.00056
scoring_system epss
scoring_elements 0.17735
published_at 2026-04-11T12:55:00Z
4
value 0.00056
scoring_system epss
scoring_elements 0.17717
published_at 2026-04-09T12:55:00Z
5
value 0.00056
scoring_system epss
scoring_elements 0.17656
published_at 2026-04-08T12:55:00Z
6
value 0.00056
scoring_system epss
scoring_elements 0.17566
published_at 2026-04-07T12:55:00Z
7
value 0.00056
scoring_system epss
scoring_elements 0.17866
published_at 2026-04-04T12:55:00Z
8
value 0.00056
scoring_system epss
scoring_elements 0.17812
published_at 2026-04-02T12:55:00Z
9
value 0.00056
scoring_system epss
scoring_elements 0.1765
published_at 2026-04-01T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17593
published_at 2026-04-18T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.17638
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3563
3
reference_url https://bugs.launchpad.net/ossa/+bug/1901891
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossa/+bug/1901891
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1962908
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1962908
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3563
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3563
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3563
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3563
9
reference_url https://opendev.org/openstack/keystone
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/keystone
10
reference_url https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca
11
reference_url https://review.opendev.org/c/openstack/keystone/+/803641
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/803641
12
reference_url https://review.opendev.org/c/openstack/keystone/+/828595
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/828595
13
reference_url https://review.opendev.org/c/openstack/keystone/+/856489
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/856489
14
reference_url https://security-tracker.debian.org/tracker/CVE-2021-3563
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2021-3563
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989998
reference_id 989998
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989998
16
reference_url https://security.archlinux.org/AVG-1979
reference_id AVG-1979
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1979
17
reference_url https://github.com/advisories/GHSA-cc99-whm5-mmq3
reference_id GHSA-cc99-whm5-mmq3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cc99-whm5-mmq3
18
reference_url https://usn.ubuntu.com/7926-1/
reference_id USN-7926-1
reference_type
scores
url https://usn.ubuntu.com/7926-1/
fixed_packages
0
url pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1
purl pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wj2-abbb-xqf6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:27.0.0-3%252Bdeb13u1
aliases CVE-2021-3563, GHSA-cc99-whm5-mmq3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93vc-hgec-nfe6
Risk_score1.6
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:27.0.0-3%252Bdeb13u1