Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.bouncycastle/bcprov-ext-jdk18on@1.74
Typemaven
Namespaceorg.bouncycastle
Namebcprov-ext-jdk18on
Version1.74
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-s4tz-g6jv-7ub4
vulnerability_id VCID-s4tz-g6jv-7ub4
summary 
Improper Certificate Validation
Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33201.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33201.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-33201
reference_id
reference_type
scores
0
value 0.00326
scoring_system epss
scoring_elements 0.55885
published_at 2026-06-05T12:55:00Z
1
value 0.00326
scoring_system epss
scoring_elements 0.55862
published_at 2026-06-08T12:55:00Z
2
value 0.00326
scoring_system epss
scoring_elements 0.55879
published_at 2026-06-07T12:55:00Z
3
value 0.00326
scoring_system epss
scoring_elements 0.55892
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-33201
2
reference_url https://bouncycastle.org
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/
url https://bouncycastle.org
3
reference_url https://bouncycastle.org/releasenotes.html#r1rv74
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bouncycastle.org/releasenotes.html#r1rv74
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33201
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33201
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
7
reference_url https://github.com/bcgit/bc-java/commit/ccf93ca736b89250ff4ce079a5aa56f5cbf0ebbd
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/ccf93ca736b89250ff4ce079a5aa56f5cbf0ebbd
8
reference_url https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/
url https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc
9
reference_url https://github.com/bcgit/bc-java/commits/main/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commits/main/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java
10
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html
11
reference_url https://security.netapp.com/advisory/ntap-20230824-0008
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230824-0008
12
reference_url https://security.netapp.com/advisory/ntap-20230824-0008/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/
url https://security.netapp.com/advisory/ntap-20230824-0008/
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040050
reference_id 1040050
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040050
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2215465
reference_id 2215465
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2215465
15
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2023-33201
reference_id CVE-2023-33201
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/
url https://github.com/bcgit/bc-java/wiki/CVE-2023-33201
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-33201
reference_id CVE-2023-33201
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-33201
17
reference_url https://github.com/advisories/GHSA-hr8g-6v94-x4m9
reference_id GHSA-hr8g-6v94-x4m9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hr8g-6v94-x4m9
18
reference_url https://access.redhat.com/errata/RHSA-2023:5147
reference_id RHSA-2023:5147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5147
19
reference_url https://access.redhat.com/errata/RHSA-2023:5165
reference_id RHSA-2023:5165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5165
20
reference_url https://access.redhat.com/errata/RHSA-2023:7482
reference_id RHSA-2023:7482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7482
21
reference_url https://access.redhat.com/errata/RHSA-2023:7483
reference_id RHSA-2023:7483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7483
22
reference_url https://access.redhat.com/errata/RHSA-2023:7484
reference_id RHSA-2023:7484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7484
23
reference_url https://access.redhat.com/errata/RHSA-2023:7486
reference_id RHSA-2023:7486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7486
24
reference_url https://access.redhat.com/errata/RHSA-2023:7488
reference_id RHSA-2023:7488
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7488
25
reference_url https://access.redhat.com/errata/RHSA-2023:7669
reference_id RHSA-2023:7669
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7669
26
reference_url https://access.redhat.com/errata/RHSA-2023:7678
reference_id RHSA-2023:7678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7678
27
reference_url https://access.redhat.com/errata/RHSA-2024:0278
reference_id RHSA-2024:0278
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0278
28
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
0
url pkg:maven/org.bouncycastle/bcprov-ext-jdk18on@1.74
purl pkg:maven/org.bouncycastle/bcprov-ext-jdk18on@1.74
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-ext-jdk18on@1.74
aliases CVE-2023-33201, GHSA-hr8g-6v94-x4m9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s4tz-g6jv-7ub4
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-ext-jdk18on@1.74