Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/mbedtls@2.16.3-r0?arch=x86&distroversion=v3.17&reponame=main
Typeapk
Namespacealpine
Namembedtls
Version2.16.3-r0
Qualifiers
arch x86
distroversion v3.17
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.16.4-r0
Latest_non_vulnerable_version2.28.9-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-ydp2-phc9-m7b1
vulnerability_id VCID-ydp2-phc9-m7b1
summary Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-16910
reference_id
reference_type
scores
0
value 0.00925
scoring_system epss
scoring_elements 0.76061
published_at 2026-04-18T12:55:00Z
1
value 0.00925
scoring_system epss
scoring_elements 0.76058
published_at 2026-04-16T12:55:00Z
2
value 0.00925
scoring_system epss
scoring_elements 0.75959
published_at 2026-04-01T12:55:00Z
3
value 0.00925
scoring_system epss
scoring_elements 0.75962
published_at 2026-04-02T12:55:00Z
4
value 0.00925
scoring_system epss
scoring_elements 0.75994
published_at 2026-04-04T12:55:00Z
5
value 0.00925
scoring_system epss
scoring_elements 0.75974
published_at 2026-04-07T12:55:00Z
6
value 0.00925
scoring_system epss
scoring_elements 0.76006
published_at 2026-04-08T12:55:00Z
7
value 0.00925
scoring_system epss
scoring_elements 0.76021
published_at 2026-04-09T12:55:00Z
8
value 0.00925
scoring_system epss
scoring_elements 0.76046
published_at 2026-04-11T12:55:00Z
9
value 0.00925
scoring_system epss
scoring_elements 0.76023
published_at 2026-04-12T12:55:00Z
10
value 0.00925
scoring_system epss
scoring_elements 0.76018
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-16910
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16910
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16910
2
reference_url https://github.com/ARMmbed/mbedtls/commit/298a43a77ec0ed2c19a8c924ddd8571ef3e65dfd
reference_id
reference_type
scores
url https://github.com/ARMmbed/mbedtls/commit/298a43a77ec0ed2c19a8c924ddd8571ef3e65dfd
3
reference_url https://github.com/ARMmbed/mbedtls/commit/33f66ba6fd234114aa37f0209dac031bb2870a9b
reference_id
reference_type
scores
url https://github.com/ARMmbed/mbedtls/commit/33f66ba6fd234114aa37f0209dac031bb2870a9b
4
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGSKQSGR5SOBRBXDSSPTCDSBB5K3GMPF/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGSKQSGR5SOBRBXDSSPTCDSBB5K3GMPF/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSFFOROD6IVLADZHNJC2LPDV7FQRP7XB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSFFOROD6IVLADZHNJC2LPDV7FQRP7XB/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEHHH2DOBXB25CAU3Q6E66X723VAYTB5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEHHH2DOBXB25CAU3Q6E66X723VAYTB5/
8
reference_url https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-10
reference_id
reference_type
scores
url https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-10
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941265
reference_id 941265
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941265
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:arm:mbed_crypto:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:arm:mbed_crypto:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:arm:mbed_crypto:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-16910
reference_id CVE-2019-16910
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-16910
fixed_packages
0
url pkg:apk/alpine/mbedtls@2.16.3-r0?arch=x86&distroversion=v3.17&reponame=main
purl pkg:apk/alpine/mbedtls@2.16.3-r0?arch=x86&distroversion=v3.17&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@2.16.3-r0%3Farch=x86&distroversion=v3.17&reponame=main
aliases CVE-2019-16910
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ydp2-phc9-m7b1
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@2.16.3-r0%3Farch=x86&distroversion=v3.17&reponame=main