Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/openssl@1.1.1m-1?distro=trixie
Typedeb
Namespacedebian
Nameopenssl
Version1.1.1m-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.1.1n-0+deb11u2
Latest_non_vulnerable_version3.6.2-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-myuq-u3as-g3ah
vulnerability_id VCID-myuq-u3as-g3ah
summary 
Carry Propagation bug
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4160.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4160.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4160
reference_id
reference_type
scores
0
value 0.00299
scoring_system epss
scoring_elements 0.53163
published_at 2026-04-01T12:55:00Z
1
value 0.00299
scoring_system epss
scoring_elements 0.53188
published_at 2026-04-02T12:55:00Z
2
value 0.00299
scoring_system epss
scoring_elements 0.53291
published_at 2026-04-18T12:55:00Z
3
value 0.00299
scoring_system epss
scoring_elements 0.53284
published_at 2026-04-16T12:55:00Z
4
value 0.00299
scoring_system epss
scoring_elements 0.53247
published_at 2026-04-13T12:55:00Z
5
value 0.00299
scoring_system epss
scoring_elements 0.53264
published_at 2026-04-12T12:55:00Z
6
value 0.00299
scoring_system epss
scoring_elements 0.53278
published_at 2026-04-11T12:55:00Z
7
value 0.00299
scoring_system epss
scoring_elements 0.53227
published_at 2026-04-09T12:55:00Z
8
value 0.00299
scoring_system epss
scoring_elements 0.53233
published_at 2026-04-08T12:55:00Z
9
value 0.00299
scoring_system epss
scoring_elements 0.53212
published_at 2026-04-04T12:55:00Z
10
value 0.00299
scoring_system epss
scoring_elements 0.5318
published_at 2026-04-07T12:55:00Z
11
value 0.00417
scoring_system epss
scoring_elements 0.61799
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4160
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4160
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4160
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f
6
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7
7
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb
8
reference_url https://www.openssl.org/news/secadv/20220128.txt
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/
url https://www.openssl.org/news/secadv/20220128.txt
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2048651
reference_id 2048651
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2048651
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-4160
reference_id CVE-2021-4160
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-4160
11
reference_url https://security.gentoo.org/glsa/202210-02
reference_id GLSA-202210-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/
url https://security.gentoo.org/glsa/202210-02
12
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f
13
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7
14
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb
fixed_packages
0
url pkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1k-1%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/openssl@1.1.1m-1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1m-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1m-1%3Fdistro=trixie
2
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87vs-4p6w-xbgq
1
vulnerability VCID-8gde-1md7-5yak
2
vulnerability VCID-cef8-2p5t-bff7
3
vulnerability VCID-f2na-rtsu-ffad
4
vulnerability VCID-hgvf-vxhr-cye8
5
vulnerability VCID-wuwm-ksb1-6qd5
6
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie
3
url pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8gde-1md7-5yak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
purl pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7f9q-mhsr-8bfq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie
5
url pkg:deb/debian/openssl@3.6.1-3?distro=trixie
purl pkg:deb/debian/openssl@3.6.1-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-74wu-sup9-cybb
1
vulnerability VCID-7f9q-mhsr-8bfq
2
vulnerability VCID-87vs-4p6w-xbgq
3
vulnerability VCID-cef8-2p5t-bff7
4
vulnerability VCID-f2na-rtsu-ffad
5
vulnerability VCID-hgvf-vxhr-cye8
6
vulnerability VCID-wuwm-ksb1-6qd5
7
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie
6
url pkg:deb/debian/openssl@3.6.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie
aliases CVE-2021-4160
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myuq-u3as-g3ah
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1m-1%3Fdistro=trixie