Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/ruby-net-ldap@0.16.1-1
Typedeb
Namespacedebian
Nameruby-net-ldap
Version0.16.1-1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-mv26-fzn6-vycf
vulnerability_id VCID-mv26-fzn6-vycf
summary 
No validation of hostname certificate
Net-ldap does not validate the hostname certificate. Ruby is relying on OpenSSL, and one common mistake made by users of OpenSSL is to assume that OpenSSL will validate the hostname in the server's certificate. did not perform hostname validation. and up contain support for hostname validation, but they still require the user to call a few functions to set it up.
references
0
reference_url http://openwall.com/lists/oss-security/2017/12/17/10
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2017/12/17/10
1
reference_url http://ruby-doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/SSL.html#method-c-verify_certificate_identity
reference_id
reference_type
scores
url http://ruby-doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/SSL.html#method-c-verify_certificate_identity
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17718.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17718.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17718
reference_id
reference_type
scores
0
value 0.00172
scoring_system epss
scoring_elements 0.38478
published_at 2026-04-12T12:55:00Z
1
value 0.00172
scoring_system epss
scoring_elements 0.38515
published_at 2026-04-11T12:55:00Z
2
value 0.00172
scoring_system epss
scoring_elements 0.38501
published_at 2026-04-09T12:55:00Z
3
value 0.00172
scoring_system epss
scoring_elements 0.38492
published_at 2026-04-08T12:55:00Z
4
value 0.00172
scoring_system epss
scoring_elements 0.38441
published_at 2026-04-07T12:55:00Z
5
value 0.00172
scoring_system epss
scoring_elements 0.38578
published_at 2026-04-04T12:55:00Z
6
value 0.00172
scoring_system epss
scoring_elements 0.38417
published_at 2026-04-01T12:55:00Z
7
value 0.00172
scoring_system epss
scoring_elements 0.38554
published_at 2026-04-02T12:55:00Z
8
value 0.00172
scoring_system epss
scoring_elements 0.385
published_at 2026-04-16T12:55:00Z
9
value 0.00172
scoring_system epss
scoring_elements 0.38453
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17718
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17718
5
reference_url https://github.com/ruby-ldap/ruby-net-ldap
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ruby-ldap/ruby-net-ldap
6
reference_url https://github.com/ruby-ldap/ruby-net-ldap/issues/258
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements
1
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ruby-ldap/ruby-net-ldap/issues/258
7
reference_url https://github.com/ruby-ldap/ruby-net-ldap/pull/279
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ruby-ldap/ruby-net-ldap/pull/279
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-17718
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-17718
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1527048
reference_id 1527048
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1527048
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884693
reference_id 884693
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884693
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.0.5:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.0.5:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.0.5:*:*:*:*:ruby:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.10.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.10.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.10.0:*:*:*:*:ruby:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.10.1:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.10.1:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.10.1:*:*:*:*:ruby:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.1.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.1.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.1.0:*:*:*:*:ruby:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.1.1:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.1.1:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.1.1:*:*:*:*:ruby:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.11:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.11:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.11:*:*:*:*:ruby:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.12.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.12.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.12.0:*:*:*:*:ruby:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.12.1:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.12.1:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.12.1:*:*:*:*:ruby:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.13.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.13.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.13.0:*:*:*:*:ruby:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.14.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.14.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.14.0:*:*:*:*:ruby:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.15.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.15.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.15.0:*:*:*:*:ruby:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.2.1:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.2.1:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.2.1:*:*:*:*:ruby:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.2.2:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.2.2:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.2.2:*:*:*:*:ruby:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.2:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.2:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.2:*:*:*:*:ruby:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.3.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.3.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.3.0:*:*:*:*:ruby:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.3.1:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.3.1:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.3.1:*:*:*:*:ruby:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.5.1:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.5.1:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.5.1:*:*:*:*:ruby:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.6.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.6.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.6.0:*:*:*:*:ruby:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.6.1:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.6.1:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.6.1:*:*:*:*:ruby:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.7.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.7.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.7.0:*:*:*:*:ruby:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.8.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.8.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.8.0:*:*:*:*:ruby:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.9.0:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:net-ldap_project:net-ldap:0.9.0:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:net-ldap_project:net-ldap:0.9.0:*:*:*:*:ruby:*:*
33
reference_url https://github.com/advisories/GHSA-m7p8-9w66-9frm
reference_id GHSA-m7p8-9w66-9frm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m7p8-9w66-9frm
34
reference_url https://access.redhat.com/errata/RHSA-2020:1454
reference_id RHSA-2020:1454
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1454
fixed_packages
0
url pkg:deb/debian/ruby-net-ldap@0.16.1-1
purl pkg:deb/debian/ruby-net-ldap@0.16.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-net-ldap@0.16.1-1
aliases CVE-2017-17718, GHSA-m7p8-9w66-9frm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mv26-fzn6-vycf
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-net-ldap@0.16.1-1