Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/eventlet@0.23.0
Typepypi
Namespace
Nameeventlet
Version0.23.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.40.3
Latest_non_vulnerable_version0.40.3
Affected_by_vulnerabilities
0
url VCID-7493-kzzq-27dw
vulnerability_id VCID-7493-kzzq-27dw
summary 
Potential DoS via the Tudoor mechanism in eventlet and dnspython
eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29483.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29483.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29483
reference_id
reference_type
scores
0
value 0.04954
scoring_system epss
scoring_elements 0.89671
published_at 2026-04-18T12:55:00Z
1
value 0.04954
scoring_system epss
scoring_elements 0.8967
published_at 2026-04-16T12:55:00Z
2
value 0.04954
scoring_system epss
scoring_elements 0.89655
published_at 2026-04-13T12:55:00Z
3
value 0.04954
scoring_system epss
scoring_elements 0.89661
published_at 2026-04-12T12:55:00Z
4
value 0.04954
scoring_system epss
scoring_elements 0.89663
published_at 2026-04-11T12:55:00Z
5
value 0.04954
scoring_system epss
scoring_elements 0.89656
published_at 2026-04-09T12:55:00Z
6
value 0.04954
scoring_system epss
scoring_elements 0.8965
published_at 2026-04-08T12:55:00Z
7
value 0.04954
scoring_system epss
scoring_elements 0.89633
published_at 2026-04-07T12:55:00Z
8
value 0.04954
scoring_system epss
scoring_elements 0.89619
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29483
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29483
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/eventlet/eventlet
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/eventlet/eventlet
5
reference_url https://github.com/eventlet/eventlet/commit/51e3c4928d4938beb576eff34f3bf97e6e64e6b4
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/eventlet/eventlet/commit/51e3c4928d4938beb576eff34f3bf97e6e64e6b4
6
reference_url https://github.com/eventlet/eventlet/issues/913
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-11T17:34:51Z/
url https://github.com/eventlet/eventlet/issues/913
7
reference_url https://github.com/eventlet/eventlet/releases/tag/v0.35.2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-11T17:34:51Z/
url https://github.com/eventlet/eventlet/releases/tag/v0.35.2
8
reference_url https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2
9
reference_url https://github.com/rthalley/dnspython/issues/1045
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-11T17:34:51Z/
url https://github.com/rthalley/dnspython/issues/1045
10
reference_url https://github.com/rthalley/dnspython/releases/tag/v2.6.0
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-11T17:34:51Z/
url https://github.com/rthalley/dnspython/releases/tag/v2.6.0
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-29483
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-29483
15
reference_url https://security.netapp.com/advisory/ntap-20240510-0001
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240510-0001
16
reference_url https://security.snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-11T17:34:51Z/
url https://security.snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713
17
reference_url https://www.dnspython.org
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.dnspython.org
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2274520
reference_id 2274520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2274520
19
reference_url https://github.com/advisories/GHSA-3rq5-2g8h-59hc
reference_id GHSA-3rq5-2g8h-59hc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3rq5-2g8h-59hc
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6/
reference_id NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-11T17:34:51Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6/
21
reference_url https://security.netapp.com/advisory/ntap-20240510-0001/
reference_id ntap-20240510-0001
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-11T17:34:51Z/
url https://security.netapp.com/advisory/ntap-20240510-0001/
22
reference_url https://access.redhat.com/errata/RHSA-2024:3275
reference_id RHSA-2024:3275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3275
23
reference_url https://access.redhat.com/errata/RHSA-2024:3483
reference_id RHSA-2024:3483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3483
24
reference_url https://access.redhat.com/errata/RHSA-2024:4846
reference_id RHSA-2024:4846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4846
25
reference_url https://access.redhat.com/errata/RHSA-2024:9423
reference_id RHSA-2024:9423
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9423
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH/
reference_id VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-11T17:34:51Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH/
27
reference_url https://www.dnspython.org/
reference_id www.dnspython.org
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-11T17:34:51Z/
url https://www.dnspython.org/
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF/
reference_id X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-11T17:34:51Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF/
fixed_packages
0
url pkg:pypi/eventlet@0.35.2
purl pkg:pypi/eventlet@0.35.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bnye-3p23-zyc9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.35.2
aliases CVE-2023-29483, GHSA-3rq5-2g8h-59hc
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7493-kzzq-27dw
1
url VCID-bnye-3p23-zyc9
vulnerability_id VCID-bnye-3p23-zyc9
summary 
Eventlet affected by HTTP request smuggling in unparsed trailers
### Impact
The Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer sections.

This vulnerability could enable attackers to:
- Bypass front-end security controls
- Launch targeted attacks against active site users
- Poison web caches

### Patches
Problem has been patched in eventlet 0.40.3.

The patch just drops trailers. If a backend behind eventlet.wsgi proxy requires trailers, then this patch BREAKS your setup.

### Workarounds
Do not use eventlet.wsgi facing untrusted clients.

### References
- Patch https://github.com/eventlet/eventlet/pull/1062
- This issue is similar to https://github.com/advisories/GHSA-9548-qrrj-x5pj
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58068.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58068.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-58068
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.1839
published_at 2026-04-18T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18378
published_at 2026-04-16T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.18434
published_at 2026-04-13T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18485
published_at 2026-04-12T12:55:00Z
4
value 0.00059
scoring_system epss
scoring_elements 0.18533
published_at 2026-04-11T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.18532
published_at 2026-04-09T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18479
published_at 2026-04-08T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18398
published_at 2026-04-07T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18683
published_at 2026-04-04T12:55:00Z
9
value 0.00062
scoring_system epss
scoring_elements 0.19415
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-58068
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58068
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/eventlet/eventlet
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/eventlet/eventlet
5
reference_url https://github.com/eventlet/eventlet/commit/0bfebd1117d392559e25b4bfbfcc941754de88fb
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-02T13:49:48Z/
url https://github.com/eventlet/eventlet/commit/0bfebd1117d392559e25b4bfbfcc941754de88fb
6
reference_url https://github.com/eventlet/eventlet/pull/1062
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-02T13:49:48Z/
url https://github.com/eventlet/eventlet/pull/1062
7
reference_url https://github.com/eventlet/eventlet/security/advisories/GHSA-hw6f-rjfj-j7j7
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-02T13:49:48Z/
url https://github.com/eventlet/eventlet/security/advisories/GHSA-hw6f-rjfj-j7j7
8
reference_url https://lists.debian.org/debian-lts-announce/2025/09/msg00003.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/09/msg00003.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-58068
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-58068
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1112515
reference_id 1112515
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1112515
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2391958
reference_id 2391958
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2391958
12
reference_url https://github.com/advisories/GHSA-hw6f-rjfj-j7j7
reference_id GHSA-hw6f-rjfj-j7j7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hw6f-rjfj-j7j7
13
reference_url https://access.redhat.com/errata/RHSA-2026:0663
reference_id RHSA-2026:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0663
14
reference_url https://access.redhat.com/errata/RHSA-2026:1062
reference_id RHSA-2026:1062
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1062
15
reference_url https://access.redhat.com/errata/RHSA-2026:1549
reference_id RHSA-2026:1549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1549
16
reference_url https://access.redhat.com/errata/RHSA-2026:1552
reference_id RHSA-2026:1552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1552
17
reference_url https://access.redhat.com/errata/RHSA-2026:1577
reference_id RHSA-2026:1577
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1577
18
reference_url https://access.redhat.com/errata/RHSA-2026:1959
reference_id RHSA-2026:1959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1959
19
reference_url https://access.redhat.com/errata/RHSA-2026:2129
reference_id RHSA-2026:2129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2129
20
reference_url https://access.redhat.com/errata/RHSA-2026:2661
reference_id RHSA-2026:2661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2661
21
reference_url https://access.redhat.com/errata/RHSA-2026:2990
reference_id RHSA-2026:2990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2990
22
reference_url https://access.redhat.com/errata/RHSA-2026:3422
reference_id RHSA-2026:3422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3422
23
reference_url https://access.redhat.com/errata/RHSA-2026:3870
reference_id RHSA-2026:3870
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3870
24
reference_url https://usn.ubuntu.com/7772-1/
reference_id USN-7772-1
reference_type
scores
url https://usn.ubuntu.com/7772-1/
fixed_packages
0
url pkg:pypi/eventlet@0.40.3
purl pkg:pypi/eventlet@0.40.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.40.3
aliases CVE-2025-58068, GHSA-hw6f-rjfj-j7j7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bnye-3p23-zyc9
2
url VCID-cgcf-st57-tkd1
vulnerability_id VCID-cgcf-st57-tkd1
summary Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to reasonable limits. As a workaround, restricting memory usage via OS limits would help against overall machine exhaustion, but there is no workaround to protect Eventlet process.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21419.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21419.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21419
reference_id
reference_type
scores
0
value 0.00097
scoring_system epss
scoring_elements 0.26716
published_at 2026-04-18T12:55:00Z
1
value 0.00097
scoring_system epss
scoring_elements 0.26744
published_at 2026-04-16T12:55:00Z
2
value 0.00097
scoring_system epss
scoring_elements 0.26736
published_at 2026-04-13T12:55:00Z
3
value 0.00097
scoring_system epss
scoring_elements 0.26793
published_at 2026-04-12T12:55:00Z
4
value 0.00097
scoring_system epss
scoring_elements 0.26838
published_at 2026-04-11T12:55:00Z
5
value 0.00097
scoring_system epss
scoring_elements 0.26835
published_at 2026-04-09T12:55:00Z
6
value 0.00097
scoring_system epss
scoring_elements 0.26786
published_at 2026-04-08T12:55:00Z
7
value 0.00097
scoring_system epss
scoring_elements 0.26717
published_at 2026-04-07T12:55:00Z
8
value 0.00097
scoring_system epss
scoring_elements 0.26929
published_at 2026-04-04T12:55:00Z
9
value 0.00097
scoring_system epss
scoring_elements 0.26854
published_at 2026-04-01T12:55:00Z
10
value 0.00097
scoring_system epss
scoring_elements 0.26895
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21419
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21419
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21419
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/eventlet/eventlet
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/eventlet/eventlet
5
reference_url https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07
6
reference_url https://github.com/eventlet/eventlet/security/advisories/GHSA-9p9m-jm8w-94p2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/eventlet/eventlet/security/advisories/GHSA-9p9m-jm8w-94p2
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/eventlet/PYSEC-2021-12.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/eventlet/PYSEC-2021-12.yaml
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WJFSBPLCNSZNHYQC4QDRDFRTEZRMD2L
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WJFSBPLCNSZNHYQC4QDRDFRTEZRMD2L
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5JZP4LZOSP7CUAM3GIRW6PIAWKH5VGB
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5JZP4LZOSP7CUAM3GIRW6PIAWKH5VGB
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21419
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21419
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1958407
reference_id 1958407
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1958407
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988342
reference_id 988342
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988342
13
reference_url https://security.archlinux.org/AVG-1928
reference_id AVG-1928
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1928
14
reference_url https://github.com/advisories/GHSA-9p9m-jm8w-94p2
reference_id GHSA-9p9m-jm8w-94p2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9p9m-jm8w-94p2
15
reference_url https://access.redhat.com/errata/RHSA-2021:2437
reference_id RHSA-2021:2437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2437
16
reference_url https://access.redhat.com/errata/RHSA-2021:5071
reference_id RHSA-2021:5071
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5071
17
reference_url https://usn.ubuntu.com/4956-1/
reference_id USN-4956-1
reference_type
scores
url https://usn.ubuntu.com/4956-1/
fixed_packages
0
url pkg:pypi/eventlet@0.31.0
purl pkg:pypi/eventlet@0.31.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7493-kzzq-27dw
1
vulnerability VCID-bnye-3p23-zyc9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.31.0
aliases CVE-2021-21419, GHSA-9p9m-jm8w-94p2, PYSEC-2021-12
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cgcf-st57-tkd1
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.23.0