Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/mbedtls@3.6.5-r0?arch=aarch64&distroversion=v3.23&reponame=main
Typeapk
Namespacealpine
Namembedtls
Version3.6.5-r0
Qualifiers
arch aarch64
distroversion v3.23
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.6.6-r0
Latest_non_vulnerable_version3.6.6-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-pj6w-rufw-nqgd
vulnerability_id VCID-pj6w-rufw-nqgd
summary Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-54764
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03308
published_at 2026-04-12T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03287
published_at 2026-04-13T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05503
published_at 2026-04-24T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05307
published_at 2026-04-16T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05308
published_at 2026-04-18T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05464
published_at 2026-04-21T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05303
published_at 2026-04-02T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05334
published_at 2026-04-04T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05356
published_at 2026-04-07T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.0539
published_at 2026-04-08T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05412
published_at 2026-04-09T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-54764
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54764
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118750
reference_id 1118750
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118750
3
reference_url https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-ssbleed-mstep/
reference_id mbedtls-security-advisory-2025-10-ssbleed-mstep
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-21T13:52:18Z/
url https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-ssbleed-mstep/
4
reference_url https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/
reference_id security-advisories
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-21T13:52:18Z/
url https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/
fixed_packages
0
url pkg:apk/alpine/mbedtls@3.6.5-r0?arch=aarch64&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/mbedtls@3.6.5-r0?arch=aarch64&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.5-r0%3Farch=aarch64&distroversion=v3.23&reponame=main
aliases CVE-2025-54764
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pj6w-rufw-nqgd
1
url VCID-vp4q-81cq-33cw
vulnerability_id VCID-vp4q-81cq-33cw
summary Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59438
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.0944
published_at 2026-04-13T12:55:00Z
1
value 0.00033
scoring_system epss
scoring_elements 0.09457
published_at 2026-04-12T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.12938
published_at 2026-04-24T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.13047
published_at 2026-04-02T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.13032
published_at 2026-04-09T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.12994
published_at 2026-04-11T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12812
published_at 2026-04-16T12:55:00Z
7
value 0.00042
scoring_system epss
scoring_elements 0.12815
published_at 2026-04-18T12:55:00Z
8
value 0.00042
scoring_system epss
scoring_elements 0.12913
published_at 2026-04-21T12:55:00Z
9
value 0.00042
scoring_system epss
scoring_elements 0.13099
published_at 2026-04-04T12:55:00Z
10
value 0.00042
scoring_system epss
scoring_elements 0.12902
published_at 2026-04-07T12:55:00Z
11
value 0.00042
scoring_system epss
scoring_elements 0.12981
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59438
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59438
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59438
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118752
reference_id 1118752
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118752
4
reference_url https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-invalid-padding-error/
reference_id mbedtls-security-advisory-2025-10-invalid-padding-error
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-21T16:06:28Z/
url https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-invalid-padding-error/
5
reference_url https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/
reference_id security-advisories
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-21T16:06:28Z/
url https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/
fixed_packages
0
url pkg:apk/alpine/mbedtls@3.6.5-r0?arch=aarch64&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/mbedtls@3.6.5-r0?arch=aarch64&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.5-r0%3Farch=aarch64&distroversion=v3.23&reponame=main
aliases CVE-2025-59438
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vp4q-81cq-33cw
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.5-r0%3Farch=aarch64&distroversion=v3.23&reponame=main