Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/keystone@2:23.0.0-3?distro=trixie
Typedeb
Namespacedebian
Namekeystone
Version2:23.0.0-3
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2:28.0.0-2
Latest_non_vulnerable_version2:29.0.1-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-93vc-hgec-nfe6
vulnerability_id VCID-93vc-hgec-nfe6
summary 
Openstack Keystone Incorrect Authorization vulnerability
A flaw was found in openstack-keystone, only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity. A [patch](https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca) is available.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3563.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3563.json
1
reference_url https://access.redhat.com/security/cve/CVE-2021-3563
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3563
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3563
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17584
published_at 2026-04-16T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.17628
published_at 2026-04-21T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17689
published_at 2026-04-12T12:55:00Z
3
value 0.00056
scoring_system epss
scoring_elements 0.17735
published_at 2026-04-11T12:55:00Z
4
value 0.00056
scoring_system epss
scoring_elements 0.17717
published_at 2026-04-09T12:55:00Z
5
value 0.00056
scoring_system epss
scoring_elements 0.17656
published_at 2026-04-08T12:55:00Z
6
value 0.00056
scoring_system epss
scoring_elements 0.17566
published_at 2026-04-07T12:55:00Z
7
value 0.00056
scoring_system epss
scoring_elements 0.17866
published_at 2026-04-04T12:55:00Z
8
value 0.00056
scoring_system epss
scoring_elements 0.17812
published_at 2026-04-02T12:55:00Z
9
value 0.00056
scoring_system epss
scoring_elements 0.1765
published_at 2026-04-01T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17593
published_at 2026-04-18T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.17638
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3563
3
reference_url https://bugs.launchpad.net/ossa/+bug/1901891
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossa/+bug/1901891
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1962908
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1962908
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3563
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3563
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3563
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3563
9
reference_url https://opendev.org/openstack/keystone
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/keystone
10
reference_url https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca
11
reference_url https://review.opendev.org/c/openstack/keystone/+/803641
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/803641
12
reference_url https://review.opendev.org/c/openstack/keystone/+/828595
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/828595
13
reference_url https://review.opendev.org/c/openstack/keystone/+/856489
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/856489
14
reference_url https://security-tracker.debian.org/tracker/CVE-2021-3563
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2021-3563
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989998
reference_id 989998
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989998
16
reference_url https://security.archlinux.org/AVG-1979
reference_id AVG-1979
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1979
17
reference_url https://github.com/advisories/GHSA-cc99-whm5-mmq3
reference_id GHSA-cc99-whm5-mmq3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cc99-whm5-mmq3
18
reference_url https://usn.ubuntu.com/7926-1/
reference_id USN-7926-1
reference_type
scores
url https://usn.ubuntu.com/7926-1/
fixed_packages
0
url pkg:deb/debian/keystone@2:23.0.0-3?distro=trixie
purl pkg:deb/debian/keystone@2:23.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:23.0.0-3%3Fdistro=trixie
1
url pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wj2-abbb-xqf6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:27.0.0-3%252Bdeb13u1%3Fdistro=trixie
2
url pkg:deb/debian/keystone@2:29.0.0-1?distro=trixie
purl pkg:deb/debian/keystone@2:29.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-1%3Fdistro=trixie
3
url pkg:deb/debian/keystone@2:29.0.0-2?distro=trixie
purl pkg:deb/debian/keystone@2:29.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-2%3Fdistro=trixie
4
url pkg:deb/debian/keystone@2:29.0.0-3?distro=trixie
purl pkg:deb/debian/keystone@2:29.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-3%3Fdistro=trixie
5
url pkg:deb/debian/keystone@2:29.0.1-1?distro=trixie
purl pkg:deb/debian/keystone@2:29.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.1-1%3Fdistro=trixie
aliases CVE-2021-3563, GHSA-cc99-whm5-mmq3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93vc-hgec-nfe6
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:23.0.0-3%3Fdistro=trixie