Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:conan/botan@2.18.1
Typeconan
Namespace
Namebotan
Version2.18.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-xffg-w6fz-yqfj
vulnerability_id VCID-xffg-w6fz-yqfj
summary 
Use of a Broken or Risky Cryptographic Algorithm
The ElGamal implementation in Botan, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40529
reference_id
reference_type
scores
0
value 0.003
scoring_system epss
scoring_elements 0.53363
published_at 2026-04-16T12:55:00Z
1
value 0.003
scoring_system epss
scoring_elements 0.53242
published_at 2026-04-01T12:55:00Z
2
value 0.003
scoring_system epss
scoring_elements 0.53265
published_at 2026-04-02T12:55:00Z
3
value 0.003
scoring_system epss
scoring_elements 0.53291
published_at 2026-04-04T12:55:00Z
4
value 0.003
scoring_system epss
scoring_elements 0.5326
published_at 2026-04-07T12:55:00Z
5
value 0.003
scoring_system epss
scoring_elements 0.53312
published_at 2026-04-08T12:55:00Z
6
value 0.003
scoring_system epss
scoring_elements 0.53307
published_at 2026-04-09T12:55:00Z
7
value 0.003
scoring_system epss
scoring_elements 0.53357
published_at 2026-04-11T12:55:00Z
8
value 0.003
scoring_system epss
scoring_elements 0.53341
published_at 2026-04-12T12:55:00Z
9
value 0.003
scoring_system epss
scoring_elements 0.53325
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40529
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40529
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40529
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993840
reference_id 993840
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993840
3
reference_url https://security.archlinux.org/AVG-2362
reference_id AVG-2362
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2362
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40529
reference_id CVE-2021-40529
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-40529
5
reference_url https://security.gentoo.org/glsa/202208-14
reference_id GLSA-202208-14
reference_type
scores
url https://security.gentoo.org/glsa/202208-14
fixed_packages
0
url pkg:conan/botan@2.18.2
purl pkg:conan/botan@2.18.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/botan@2.18.2
aliases CVE-2021-40529
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xffg-w6fz-yqfj
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:conan/botan@2.18.1