Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/php-phpseclib@2.0.47-1?distro=trixie
Typedeb
Namespacedebian
Namephp-phpseclib
Version2.0.47-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.0.48-3+deb13u1
Latest_non_vulnerable_version2.0.53-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6xjw-f9xu-fkg8
vulnerability_id VCID-6xjw-f9xu-fkg8
summary 
phpseclib a large prime can cause a denial of service
An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. An attacker can construct a malformed certificate containing an extremely large prime to cause a denial of service (CPU consumption for an isPrime primality check). NOTE: this issue was introduced when attempting to fix CVE-2023-27560.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27354
reference_id
reference_type
scores
0
value 0.00204
scoring_system epss
scoring_elements 0.42569
published_at 2026-04-08T12:55:00Z
1
value 0.00204
scoring_system epss
scoring_elements 0.4255
published_at 2026-04-02T12:55:00Z
2
value 0.00204
scoring_system epss
scoring_elements 0.42578
published_at 2026-04-09T12:55:00Z
3
value 0.00204
scoring_system epss
scoring_elements 0.42517
published_at 2026-04-07T12:55:00Z
4
value 0.00204
scoring_system epss
scoring_elements 0.42512
published_at 2026-04-21T12:55:00Z
5
value 0.00204
scoring_system epss
scoring_elements 0.4258
published_at 2026-04-18T12:55:00Z
6
value 0.00204
scoring_system epss
scoring_elements 0.42595
published_at 2026-04-16T12:55:00Z
7
value 0.00204
scoring_system epss
scoring_elements 0.42535
published_at 2026-04-13T12:55:00Z
8
value 0.00204
scoring_system epss
scoring_elements 0.42564
published_at 2026-04-12T12:55:00Z
9
value 0.00204
scoring_system epss
scoring_elements 0.426
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27354
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27354
2
reference_url https://gist.github.com/katzj/ee72f3c2a00590812b2ea3c0c8890e0b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-06T15:59:46Z/
url https://gist.github.com/katzj/ee72f3c2a00590812b2ea3c0c8890e0b
3
reference_url https://github.com/advisories/GHSA-hg35-mp25-qf6h
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hg35-mp25-qf6h
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpseclib/phpseclib/CVE-2024-27354.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpseclib/phpseclib/CVE-2024-27354.yaml
5
reference_url https://github.com/phpseclib/phpseclib
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpseclib/phpseclib
6
reference_url https://github.com/phpseclib/phpseclib/blob/master/phpseclib/Math/PrimeField.php#L49
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-06T15:59:46Z/
url https://github.com/phpseclib/phpseclib/blob/master/phpseclib/Math/PrimeField.php#L49
7
reference_url https://github.com/phpseclib/phpseclib/commit/2870c8fab3f132d2ed40a66c97a36fe5ab625698
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpseclib/phpseclib/commit/2870c8fab3f132d2ed40a66c97a36fe5ab625698
8
reference_url https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575
9
reference_url https://github.com/phpseclib/phpseclib/commit/c55b75199ec8d12cec6eadf6da99da4a3712fe56
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpseclib/phpseclib/commit/c55b75199ec8d12cec6eadf6da99da4a3712fe56
10
reference_url https://lists.debian.org/debian-lts-announce/2024/03/msg00002.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-06T15:59:46Z/
url https://lists.debian.org/debian-lts-announce/2024/03/msg00002.html
11
reference_url https://lists.debian.org/debian-lts-announce/2024/03/msg00003.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-06T15:59:46Z/
url https://lists.debian.org/debian-lts-announce/2024/03/msg00003.html
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-27354
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-27354
13
reference_url https://usn.ubuntu.com/7404-1/
reference_id USN-7404-1
reference_type
scores
url https://usn.ubuntu.com/7404-1/
fixed_packages
0
url pkg:deb/debian/php-phpseclib@2.0.30-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.30-2%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8h2u-szq5-13ar
1
vulnerability VCID-hnn9-wcwe-ffa5
2
vulnerability VCID-ku5e-5j7s-qyc9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.30-2%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/php-phpseclib@2.0.42-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.42-1%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hnn9-wcwe-ffa5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.42-1%252Bdeb12u2%3Fdistro=trixie
2
url pkg:deb/debian/php-phpseclib@2.0.47-1?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.47-1%3Fdistro=trixie
3
url pkg:deb/debian/php-phpseclib@2.0.48-3?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.48-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hnn9-wcwe-ffa5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.48-3%3Fdistro=trixie
4
url pkg:deb/debian/php-phpseclib@2.0.52-1?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.52-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hnn9-wcwe-ffa5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.52-1%3Fdistro=trixie
5
url pkg:deb/debian/php-phpseclib@2.0.53-1?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.53-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.53-1%3Fdistro=trixie
aliases CVE-2024-27354, GHSA-hg35-mp25-qf6h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xjw-f9xu-fkg8
1
url VCID-ars3-xpyv-jbf1
vulnerability_id VCID-ars3-xpyv-jbf1
summary 
phpseclib does not properly limit the ASN1 OID length
An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. When processing the ASN.1 object identifier of a certificate, a sub identifier may be provided that leads to a denial of service (CPU consumption for decodeOID).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27355
reference_id
reference_type
scores
0
value 0.00204
scoring_system epss
scoring_elements 0.42564
published_at 2026-04-12T12:55:00Z
1
value 0.00204
scoring_system epss
scoring_elements 0.42512
published_at 2026-04-21T12:55:00Z
2
value 0.00204
scoring_system epss
scoring_elements 0.4258
published_at 2026-04-18T12:55:00Z
3
value 0.00204
scoring_system epss
scoring_elements 0.42595
published_at 2026-04-16T12:55:00Z
4
value 0.00204
scoring_system epss
scoring_elements 0.42535
published_at 2026-04-13T12:55:00Z
5
value 0.00204
scoring_system epss
scoring_elements 0.4255
published_at 2026-04-02T12:55:00Z
6
value 0.00204
scoring_system epss
scoring_elements 0.42578
published_at 2026-04-09T12:55:00Z
7
value 0.00204
scoring_system epss
scoring_elements 0.42517
published_at 2026-04-07T12:55:00Z
8
value 0.00204
scoring_system epss
scoring_elements 0.42569
published_at 2026-04-08T12:55:00Z
9
value 0.00204
scoring_system epss
scoring_elements 0.426
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27355
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27355
2
reference_url https://gist.github.com/katzj/ee72f3c2a00590812b2ea3c0c8890e0b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-09T14:10:07Z/
url https://gist.github.com/katzj/ee72f3c2a00590812b2ea3c0c8890e0b
3
reference_url https://github.com/advisories/GHSA-jr22-8qgm-4q87
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-jr22-8qgm-4q87
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpseclib/phpseclib/CVE-2024-27355.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpseclib/phpseclib/CVE-2024-27355.yaml
5
reference_url https://github.com/phpseclib/phpseclib
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpseclib/phpseclib
6
reference_url https://github.com/phpseclib/phpseclib/blob/978d081fe50ff92879c50ff143c62a143edb0117/phpseclib/File/ASN1.php#L1129
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-09T14:10:07Z/
url https://github.com/phpseclib/phpseclib/blob/978d081fe50ff92879c50ff143c62a143edb0117/phpseclib/File/ASN1.php#L1129
7
reference_url https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59
8
reference_url https://lists.debian.org/debian-lts-announce/2024/03/msg00002.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-09T14:10:07Z/
url https://lists.debian.org/debian-lts-announce/2024/03/msg00002.html
9
reference_url https://lists.debian.org/debian-lts-announce/2024/03/msg00003.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-09T14:10:07Z/
url https://lists.debian.org/debian-lts-announce/2024/03/msg00003.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-27355
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-27355
11
reference_url https://usn.ubuntu.com/7404-1/
reference_id USN-7404-1
reference_type
scores
url https://usn.ubuntu.com/7404-1/
fixed_packages
0
url pkg:deb/debian/php-phpseclib@2.0.30-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.30-2%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8h2u-szq5-13ar
1
vulnerability VCID-hnn9-wcwe-ffa5
2
vulnerability VCID-ku5e-5j7s-qyc9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.30-2%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/php-phpseclib@2.0.42-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.42-1%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hnn9-wcwe-ffa5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.42-1%252Bdeb12u2%3Fdistro=trixie
2
url pkg:deb/debian/php-phpseclib@2.0.47-1?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.47-1%3Fdistro=trixie
3
url pkg:deb/debian/php-phpseclib@2.0.48-3?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.48-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hnn9-wcwe-ffa5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.48-3%3Fdistro=trixie
4
url pkg:deb/debian/php-phpseclib@2.0.52-1?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.52-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hnn9-wcwe-ffa5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.52-1%3Fdistro=trixie
5
url pkg:deb/debian/php-phpseclib@2.0.53-1?distro=trixie
purl pkg:deb/debian/php-phpseclib@2.0.53-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.53-1%3Fdistro=trixie
aliases CVE-2024-27355, GHSA-jr22-8qgm-4q87
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ars3-xpyv-jbf1
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib@2.0.47-1%3Fdistro=trixie