Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/rsa@3.3
Typepypi
Namespace
Namersa
Version3.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.7
Latest_non_vulnerable_version4.7
Affected_by_vulnerabilities
0
url VCID-f4rp-ce4j-xkd3
vulnerability_id VCID-f4rp-ce4j-xkd3
summary Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing excessive memory allocation).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13757.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13757.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13757
reference_id
reference_type
scores
0
value 0.00098
scoring_system epss
scoring_elements 0.26905
published_at 2026-04-24T12:55:00Z
1
value 0.00098
scoring_system epss
scoring_elements 0.26951
published_at 2026-04-21T12:55:00Z
2
value 0.00098
scoring_system epss
scoring_elements 0.27014
published_at 2026-04-16T12:55:00Z
3
value 0.00098
scoring_system epss
scoring_elements 0.27004
published_at 2026-04-13T12:55:00Z
4
value 0.00098
scoring_system epss
scoring_elements 0.27061
published_at 2026-04-12T12:55:00Z
5
value 0.00098
scoring_system epss
scoring_elements 0.27105
published_at 2026-04-11T12:55:00Z
6
value 0.00098
scoring_system epss
scoring_elements 0.27102
published_at 2026-04-09T12:55:00Z
7
value 0.00098
scoring_system epss
scoring_elements 0.27056
published_at 2026-04-08T12:55:00Z
8
value 0.00098
scoring_system epss
scoring_elements 0.26988
published_at 2026-04-18T12:55:00Z
9
value 0.00098
scoring_system epss
scoring_elements 0.27195
published_at 2026-04-04T12:55:00Z
10
value 0.00098
scoring_system epss
scoring_elements 0.27159
published_at 2026-04-02T12:55:00Z
11
value 0.00098
scoring_system epss
scoring_elements 0.27118
published_at 2026-04-01T12:55:00Z
12
value 0.00107
scoring_system epss
scoring_elements 0.28561
published_at 2026-04-29T12:55:00Z
13
value 0.00107
scoring_system epss
scoring_elements 0.2863
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13757
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13757
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13757
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-537h-rv9q-vvph
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-537h-rv9q-vvph
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/rsa/PYSEC-2020-99.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/rsa/PYSEC-2020-99.yaml
6
reference_url https://github.com/sybrenstuvel/python-rsa
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sybrenstuvel/python-rsa
7
reference_url https://github.com/sybrenstuvel/python-rsa/issues/146
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sybrenstuvel/python-rsa/issues/146
8
reference_url https://github.com/sybrenstuvel/python-rsa/issues/146#issuecomment-641845667
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sybrenstuvel/python-rsa/issues/146#issuecomment-641845667
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KILTHBHNSDUCYV22ODLOKTICJJ7JQIQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KILTHBHNSDUCYV22ODLOKTICJJ7JQIQ
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KILTHBHNSDUCYV22ODLOKTICJJ7JQIQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KILTHBHNSDUCYV22ODLOKTICJJ7JQIQ/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYB65VNILRBTXL6EITQTH2PZPK7I23MW
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYB65VNILRBTXL6EITQTH2PZPK7I23MW
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYB65VNILRBTXL6EITQTH2PZPK7I23MW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYB65VNILRBTXL6EITQTH2PZPK7I23MW/
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13757
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13757
14
reference_url https://usn.ubuntu.com/4478-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4478-1
15
reference_url https://usn.ubuntu.com/4478-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4478-1/
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1848507
reference_id 1848507
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1848507
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962142
reference_id 962142
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962142
18
reference_url https://access.redhat.com/errata/RHSA-2020:3453
reference_id RHSA-2020:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3453
19
reference_url https://access.redhat.com/errata/RHSA-2020:3541
reference_id RHSA-2020:3541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3541
20
reference_url https://usn.ubuntu.com/USN-4478-2/
reference_id USN-USN-4478-2
reference_type
scores
url https://usn.ubuntu.com/USN-4478-2/
fixed_packages
0
url pkg:pypi/rsa@4.1
purl pkg:pypi/rsa@4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jeu8-p6h8-8ffx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rsa@4.1
aliases CVE-2020-13757, GHSA-537h-rv9q-vvph, PYSEC-2020-99
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f4rp-ce4j-xkd3
1
url VCID-jeu8-p6h8-8ffx
vulnerability_id VCID-jeu8-p6h8-8ffx
summary It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
references
0
reference_url https://access.redhat.com/errata/RHSA-2020:5634
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:5634
1
reference_url https://access.redhat.com/errata/RHSA-2021:0637
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:0637
2
reference_url https://access.redhat.com/errata/RHSA-2022:1716
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2022:1716
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25658.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25658.json
4
reference_url https://access.redhat.com/security/cve/CVE-2020-25658
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2020-25658
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25658
reference_id
reference_type
scores
0
value 0.00144
scoring_system epss
scoring_elements 0.34696
published_at 2026-04-16T12:55:00Z
1
value 0.00144
scoring_system epss
scoring_elements 0.34303
published_at 2026-04-29T12:55:00Z
2
value 0.00144
scoring_system epss
scoring_elements 0.34681
published_at 2026-04-18T12:55:00Z
3
value 0.00144
scoring_system epss
scoring_elements 0.34641
published_at 2026-04-21T12:55:00Z
4
value 0.00144
scoring_system epss
scoring_elements 0.34407
published_at 2026-04-24T12:55:00Z
5
value 0.00144
scoring_system epss
scoring_elements 0.34388
published_at 2026-04-26T12:55:00Z
6
value 0.00255
scoring_system epss
scoring_elements 0.48884
published_at 2026-04-13T12:55:00Z
7
value 0.00255
scoring_system epss
scoring_elements 0.48876
published_at 2026-04-12T12:55:00Z
8
value 0.00255
scoring_system epss
scoring_elements 0.48901
published_at 2026-04-11T12:55:00Z
9
value 0.00255
scoring_system epss
scoring_elements 0.48888
published_at 2026-04-08T12:55:00Z
10
value 0.00255
scoring_system epss
scoring_elements 0.48833
published_at 2026-04-07T12:55:00Z
11
value 0.00255
scoring_system epss
scoring_elements 0.4888
published_at 2026-04-04T12:55:00Z
12
value 0.00255
scoring_system epss
scoring_elements 0.48854
published_at 2026-04-02T12:55:00Z
13
value 0.00255
scoring_system epss
scoring_elements 0.48818
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25658
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1889972
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1889972
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25658
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25658
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25658
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25658
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/advisories/GHSA-xrx6-fmxq-rjj2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xrx6-fmxq-rjj2
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/rsa/PYSEC-2020-100.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/rsa/PYSEC-2020-100.yaml
12
reference_url https://github.com/sybrenstuvel/python-rsa
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sybrenstuvel/python-rsa
13
reference_url https://github.com/sybrenstuvel/python-rsa/commit/dae8ce0d85478e16f2368b2341632775313d41ed
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sybrenstuvel/python-rsa/commit/dae8ce0d85478e16f2368b2341632775313d41ed
14
reference_url https://github.com/sybrenstuvel/python-rsa/issues/165
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sybrenstuvel/python-rsa/issues/165
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SAF67KDGSOHLVFTRDOHNEAFDRSSYIWA
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SAF67KDGSOHLVFTRDOHNEAFDRSSYIWA
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APF364QJ2IYLPDNVFBOEJ24QP2WLVLJP
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APF364QJ2IYLPDNVFBOEJ24QP2WLVLJP
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QY4PJWTYSOV7ZEYZVMYIF6XRU73CY6O7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QY4PJWTYSOV7ZEYZVMYIF6XRU73CY6O7
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2SAF67KDGSOHLVFTRDOHNEAFDRSSYIWA
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2SAF67KDGSOHLVFTRDOHNEAFDRSSYIWA
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APF364QJ2IYLPDNVFBOEJ24QP2WLVLJP
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APF364QJ2IYLPDNVFBOEJ24QP2WLVLJP
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QY4PJWTYSOV7ZEYZVMYIF6XRU73CY6O7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QY4PJWTYSOV7ZEYZVMYIF6XRU73CY6O7
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25658
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25658
22
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974685
reference_id 974685
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974685
fixed_packages
0
url pkg:pypi/rsa@4.7
purl pkg:pypi/rsa@4.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rsa@4.7
aliases CVE-2020-25658, GHSA-xrx6-fmxq-rjj2, PYSEC-2020-100
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jeu8-p6h8-8ffx
Fixing_vulnerabilities
0
url VCID-nqxh-d5pz-tuc1
vulnerability_id VCID-nqxh-d5pz-tuc1
summary The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175897.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175897.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175942.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175942.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2016-01/msg00032.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-01/msg00032.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1494
reference_id
reference_type
scores
0
value 0.05091
scoring_system epss
scoring_elements 0.89821
published_at 2026-04-21T12:55:00Z
1
value 0.05091
scoring_system epss
scoring_elements 0.89822
published_at 2026-04-11T12:55:00Z
2
value 0.05091
scoring_system epss
scoring_elements 0.89774
published_at 2026-04-02T12:55:00Z
3
value 0.05091
scoring_system epss
scoring_elements 0.89835
published_at 2026-04-29T12:55:00Z
4
value 0.05091
scoring_system epss
scoring_elements 0.89836
published_at 2026-04-26T12:55:00Z
5
value 0.05091
scoring_system epss
scoring_elements 0.89828
published_at 2026-04-18T12:55:00Z
6
value 0.05091
scoring_system epss
scoring_elements 0.89827
published_at 2026-04-16T12:55:00Z
7
value 0.05091
scoring_system epss
scoring_elements 0.89813
published_at 2026-04-13T12:55:00Z
8
value 0.05091
scoring_system epss
scoring_elements 0.89816
published_at 2026-04-09T12:55:00Z
9
value 0.05091
scoring_system epss
scoring_elements 0.8981
published_at 2026-04-08T12:55:00Z
10
value 0.05091
scoring_system epss
scoring_elements 0.89792
published_at 2026-04-07T12:55:00Z
11
value 0.05091
scoring_system epss
scoring_elements 0.89789
published_at 2026-04-04T12:55:00Z
12
value 0.05091
scoring_system epss
scoring_elements 0.89771
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1494
4
reference_url https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff
5
reference_url https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa
6
reference_url https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/
reference_id
reference_type
scores
url https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1494
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1494
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/rsa/PYSEC-2016-10.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/rsa/PYSEC-2016-10.yaml
10
reference_url https://github.com/sybrenstuvel/python-rsa
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sybrenstuvel/python-rsa
11
reference_url https://github.com/sybrenstuvel/python-rsa/commit/ab5d21c3b554f926d51ff3ad9c794bcf32e95b3c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sybrenstuvel/python-rsa/commit/ab5d21c3b554f926d51ff3ad9c794bcf32e95b3c
12
reference_url https://web.archive.org/web/20210123020914/http://www.securityfocus.com/bid/79829
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123020914/http://www.securityfocus.com/bid/79829
13
reference_url http://www.openwall.com/lists/oss-security/2016/01/05/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/01/05/1
14
reference_url http://www.openwall.com/lists/oss-security/2016/01/05/3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/01/05/3
15
reference_url http://www.securityfocus.com/bid/79829
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/79829
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809980
reference_id 809980
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809980
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:rsa:*:*:*:*:*:python:*:*
reference_id cpe:2.3:a:python:rsa:*:*:*:*:*:python:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:rsa:*:*:*:*:*:python:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1494
reference_id CVE-2016-1494
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1494
24
reference_url https://github.com/advisories/GHSA-8rjr-6qq5-pj9p
reference_id GHSA-8rjr-6qq5-pj9p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8rjr-6qq5-pj9p
fixed_packages
0
url pkg:pypi/rsa@3.3
purl pkg:pypi/rsa@3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-f4rp-ce4j-xkd3
1
vulnerability VCID-jeu8-p6h8-8ffx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rsa@3.3
aliases CVE-2016-1494, GHSA-8rjr-6qq5-pj9p, PYSEC-2016-10
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqxh-d5pz-tuc1
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/rsa@3.3