Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/botan@2.19.5-r0?arch=x86&distroversion=v3.21&reponame=main
Typeapk
Namespacealpine
Namebotan
Version2.19.5-r0
Qualifiers
arch x86
distroversion v3.21
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-9kx4-w9uw-vybp
vulnerability_id VCID-9kx4-w9uw-vybp
summary Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39312
reference_id
reference_type
scores
0
value 0.00281
scoring_system epss
scoring_elements 0.51454
published_at 2026-04-13T12:55:00Z
1
value 0.00281
scoring_system epss
scoring_elements 0.51445
published_at 2026-04-09T12:55:00Z
2
value 0.00281
scoring_system epss
scoring_elements 0.51488
published_at 2026-04-11T12:55:00Z
3
value 0.00281
scoring_system epss
scoring_elements 0.51467
published_at 2026-04-12T12:55:00Z
4
value 0.00281
scoring_system epss
scoring_elements 0.51408
published_at 2026-04-02T12:55:00Z
5
value 0.00281
scoring_system epss
scoring_elements 0.51435
published_at 2026-04-04T12:55:00Z
6
value 0.00281
scoring_system epss
scoring_elements 0.51394
published_at 2026-04-07T12:55:00Z
7
value 0.00281
scoring_system epss
scoring_elements 0.51447
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39312
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39312
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86
reference_id GHSA-jp24-56jm-gg86
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T19:57:15Z/
url https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86
4
reference_url https://usn.ubuntu.com/7586-1/
reference_id USN-7586-1
reference_type
scores
url https://usn.ubuntu.com/7586-1/
fixed_packages
0
url pkg:apk/alpine/botan@2.19.5-r0?arch=x86&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/botan@2.19.5-r0?arch=x86&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/botan@2.19.5-r0%3Farch=x86&distroversion=v3.21&reponame=main
aliases CVE-2024-39312
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9kx4-w9uw-vybp
1
url VCID-sfcs-71wr-wbf4
vulnerability_id VCID-sfcs-71wr-wbf4
summary Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34702
reference_id
reference_type
scores
0
value 0.00449
scoring_system epss
scoring_elements 0.63551
published_at 2026-04-02T12:55:00Z
1
value 0.00449
scoring_system epss
scoring_elements 0.63611
published_at 2026-04-12T12:55:00Z
2
value 0.00449
scoring_system epss
scoring_elements 0.63627
published_at 2026-04-11T12:55:00Z
3
value 0.00449
scoring_system epss
scoring_elements 0.63612
published_at 2026-04-09T12:55:00Z
4
value 0.00449
scoring_system epss
scoring_elements 0.63595
published_at 2026-04-08T12:55:00Z
5
value 0.00449
scoring_system epss
scoring_elements 0.63544
published_at 2026-04-07T12:55:00Z
6
value 0.00449
scoring_system epss
scoring_elements 0.63578
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34702
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34702
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/randombit/botan/commit/21dccc8fef18c165ba3301d850ac61521f85637e
reference_id 21dccc8fef18c165ba3301d850ac61521f85637e
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/21dccc8fef18c165ba3301d850ac61521f85637e
4
reference_url https://github.com/randombit/botan/commit/39535f13c322f56aa3da2f44b2b6abb8619a82ac
reference_id 39535f13c322f56aa3da2f44b2b6abb8619a82ac
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/39535f13c322f56aa3da2f44b2b6abb8619a82ac
5
reference_url https://github.com/randombit/botan/pull/4034
reference_id 4034
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4034
6
reference_url https://github.com/randombit/botan/pull/4045
reference_id 4045
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4045
7
reference_url https://github.com/randombit/botan/pull/4047
reference_id 4047
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4047
8
reference_url https://github.com/randombit/botan/pull/4052
reference_id 4052
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4052
9
reference_url https://github.com/randombit/botan/pull/4186
reference_id 4186
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4186
10
reference_url https://github.com/randombit/botan/pull/4187
reference_id 4187
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4187
11
reference_url https://github.com/randombit/botan/commit/477822a2d10f02d8ba46c9d8a5132f25843f5cc1
reference_id 477822a2d10f02d8ba46c9d8a5132f25843f5cc1
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/477822a2d10f02d8ba46c9d8a5132f25843f5cc1
12
reference_url https://github.com/randombit/botan/commit/7606d70d3a2ac7114476ec2651ca0243c4536fdf
reference_id 7606d70d3a2ac7114476ec2651ca0243c4536fdf
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/7606d70d3a2ac7114476ec2651ca0243c4536fdf
13
reference_url https://github.com/randombit/botan/commit/c3264821b9f6286ee4e6e3e06826f6b7177e6d41
reference_id c3264821b9f6286ee4e6e3e06826f6b7177e6d41
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/c3264821b9f6286ee4e6e3e06826f6b7177e6d41
14
reference_url https://github.com/randombit/botan/commit/ff704b12e6fa351aaedd07bffdc91722e84586b8
reference_id ff704b12e6fa351aaedd07bffdc91722e84586b8
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/ff704b12e6fa351aaedd07bffdc91722e84586b8
15
reference_url https://github.com/randombit/botan/security/advisories/GHSA-5gg9-hqpr-r58j
reference_id GHSA-5gg9-hqpr-r58j
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/security/advisories/GHSA-5gg9-hqpr-r58j
16
reference_url https://usn.ubuntu.com/7586-1/
reference_id USN-7586-1
reference_type
scores
url https://usn.ubuntu.com/7586-1/
fixed_packages
0
url pkg:apk/alpine/botan@2.19.5-r0?arch=x86&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/botan@2.19.5-r0?arch=x86&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/botan@2.19.5-r0%3Farch=x86&distroversion=v3.21&reponame=main
aliases CVE-2024-34702
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sfcs-71wr-wbf4
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/botan@2.19.5-r0%3Farch=x86&distroversion=v3.21&reponame=main