Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/fence-agents@4.10.0-62?arch=el9
Typerpm
Namespaceredhat
Namefence-agents
Version4.10.0-62
Qualifiers
arch el9
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-4evk-srqq-fuef
vulnerability_id VCID-4evk-srqq-fuef
summary urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body (like `POST`) to `GET` as is required by HTTP RFCs. Although this behavior is not specified in the section for redirects, it can be inferred by piecing together information from different sections and we have observed the behavior in other major HTTP client implementations like curl and web browsers. Because the vulnerability requires a previously trusted service to become compromised in order to have an impact on confidentiality we believe the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies, if this is the case then this vulnerability isn't exploitable. Both of the following conditions must be true to be affected by this vulnerability: 1. Using urllib3 and submitting sensitive information in the HTTP request body (such as form data or JSON) and 2. The origin service is compromised and starts redirecting using 301, 302, or 303 to a malicious peer or the redirected-to service becomes compromised. This issue has been addressed in versions 1.26.18 and 2.0.7 and users are advised to update to resolve this issue. Users unable to update should disable redirects for services that aren't expecting to respond with redirects with `redirects=False` and disable automatic redirects with `redirects=False` and handle 301, 302, and 303 redirects manually by stripping the HTTP request body.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45803.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45803.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45803
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.158
published_at 2026-04-21T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.15757
published_at 2026-04-18T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.15944
published_at 2026-04-02T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.15748
published_at 2026-04-16T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.15824
published_at 2026-04-13T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.15931
published_at 2026-04-11T12:55:00Z
6
value 0.00051
scoring_system epss
scoring_elements 0.15954
published_at 2026-04-09T12:55:00Z
7
value 0.00051
scoring_system epss
scoring_elements 0.15893
published_at 2026-04-12T12:55:00Z
8
value 0.00051
scoring_system epss
scoring_elements 0.16009
published_at 2026-04-04T12:55:00Z
9
value 0.00051
scoring_system epss
scoring_elements 0.15807
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45803
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45803
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-212.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-212.yaml
5
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
6
reference_url https://github.com/urllib3/urllib3/commit/4e50fbc5db74e32cabd5ccc1ab81fc103adfe0b3
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/commit/4e50fbc5db74e32cabd5ccc1ab81fc103adfe0b3
7
reference_url https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9
8
reference_url https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36
9
reference_url https://github.com/urllib3/urllib3/releases/tag/1.26.18
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/releases/tag/1.26.18
10
reference_url https://github.com/urllib3/urllib3/releases/tag/2.0.7
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/releases/tag/2.0.7
11
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4
12
reference_url https://lists.debian.org/debian-lts-announce/2024/12/msg00020.html
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/12/msg00020.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/
17
reference_url https://www.rfc-editor.org/rfc/rfc9110.html#name-get
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://www.rfc-editor.org/rfc/rfc9110.html#name-get
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054226
reference_id 1054226
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054226
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2246840
reference_id 2246840
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2246840
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/
reference_id 4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5/
reference_id 5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5/
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-45803
reference_id CVE-2023-45803
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-45803
23
reference_url https://github.com/advisories/GHSA-g4mx-q9vg-27p4
reference_id GHSA-g4mx-q9vg-27p4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g4mx-q9vg-27p4
24
reference_url https://access.redhat.com/errata/RHSA-2023:7851
reference_id RHSA-2023:7851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7851
25
reference_url https://access.redhat.com/errata/RHSA-2024:0116
reference_id RHSA-2024:0116
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0116
26
reference_url https://access.redhat.com/errata/RHSA-2024:0300
reference_id RHSA-2024:0300
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0300
27
reference_url https://access.redhat.com/errata/RHSA-2024:0464
reference_id RHSA-2024:0464
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0464
28
reference_url https://access.redhat.com/errata/RHSA-2024:0588
reference_id RHSA-2024:0588
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0588
29
reference_url https://access.redhat.com/errata/RHSA-2024:11189
reference_id RHSA-2024:11189
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11189
30
reference_url https://access.redhat.com/errata/RHSA-2024:11238
reference_id RHSA-2024:11238
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11238
31
reference_url https://access.redhat.com/errata/RHSA-2024:1155
reference_id RHSA-2024:1155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1155
32
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
33
reference_url https://access.redhat.com/errata/RHSA-2024:2132
reference_id RHSA-2024:2132
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2132
34
reference_url https://access.redhat.com/errata/RHSA-2024:2734
reference_id RHSA-2024:2734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2734
35
reference_url https://access.redhat.com/errata/RHSA-2024:2952
reference_id RHSA-2024:2952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2952
36
reference_url https://access.redhat.com/errata/RHSA-2024:2968
reference_id RHSA-2024:2968
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2968
37
reference_url https://access.redhat.com/errata/RHSA-2024:2988
reference_id RHSA-2024:2988
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2988
38
reference_url https://access.redhat.com/errata/RHSA-2025:0078
reference_id RHSA-2025:0078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0078
39
reference_url https://access.redhat.com/errata/RHSA-2025:1793
reference_id RHSA-2025:1793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1793
40
reference_url https://access.redhat.com/errata/RHSA-2025:1813
reference_id RHSA-2025:1813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1813
41
reference_url https://usn.ubuntu.com/6473-1/
reference_id USN-6473-1
reference_type
scores
url https://usn.ubuntu.com/6473-1/
42
reference_url https://usn.ubuntu.com/6473-2/
reference_id USN-6473-2
reference_type
scores
url https://usn.ubuntu.com/6473-2/
43
reference_url https://usn.ubuntu.com/7762-1/
reference_id USN-7762-1
reference_type
scores
url https://usn.ubuntu.com/7762-1/
fixed_packages
aliases CVE-2023-45803, GHSA-g4mx-q9vg-27p4, PYSEC-2023-212
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4evk-srqq-fuef
1
url VCID-np94-ghhk-nug4
vulnerability_id VCID-np94-ghhk-nug4
summary 
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter
The `xmlattr` filter in affected versions of Jinja accepts keys containing spaces. XML/HTML attributes cannot contain spaces, as each would then be interpreted as a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. Note that accepting keys as user input is not common or a particularly intended use case of the `xmlattr` filter, and an application doing so should already be verifying what keys are provided regardless of this fix.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22195.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22195.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-22195
reference_id
reference_type
scores
0
value 0.00151
scoring_system epss
scoring_elements 0.3566
published_at 2026-04-21T12:55:00Z
1
value 0.00151
scoring_system epss
scoring_elements 0.3571
published_at 2026-04-18T12:55:00Z
2
value 0.00151
scoring_system epss
scoring_elements 0.35722
published_at 2026-04-16T12:55:00Z
3
value 0.00151
scoring_system epss
scoring_elements 0.35681
published_at 2026-04-13T12:55:00Z
4
value 0.00151
scoring_system epss
scoring_elements 0.35704
published_at 2026-04-12T12:55:00Z
5
value 0.00151
scoring_system epss
scoring_elements 0.35749
published_at 2026-04-11T12:55:00Z
6
value 0.00151
scoring_system epss
scoring_elements 0.3574
published_at 2026-04-09T12:55:00Z
7
value 0.00151
scoring_system epss
scoring_elements 0.35717
published_at 2026-04-08T12:55:00Z
8
value 0.00151
scoring_system epss
scoring_elements 0.35671
published_at 2026-04-07T12:55:00Z
9
value 0.00151
scoring_system epss
scoring_elements 0.35791
published_at 2026-04-04T12:55:00Z
10
value 0.00151
scoring_system epss
scoring_elements 0.35765
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-22195
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22195
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22195
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pallets/jinja
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pallets/jinja
5
reference_url https://github.com/pallets/jinja/commit/716795349a41d4983a9a4771f7d883c96ea17be7
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pallets/jinja/commit/716795349a41d4983a9a4771f7d883c96ea17be7
6
reference_url https://github.com/pallets/jinja/releases/tag/3.1.3
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-11T19:50:04Z/
url https://github.com/pallets/jinja/releases/tag/3.1.3
7
reference_url https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-11T19:50:04Z/
url https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95
8
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00010.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-11T19:50:04Z/
url https://lists.debian.org/debian-lts-announce/2024/01/msg00010.html
9
reference_url https://lists.debian.org/debian-lts-announce/2024/12/msg00009.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/12/msg00009.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DELCVUUYX75I5K4Q5WMJG4MUZJA6VAIP
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DELCVUUYX75I5K4Q5WMJG4MUZJA6VAIP
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7YWRBX6JQCWC2XXCTZ55C7DPMGICCN3
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7YWRBX6JQCWC2XXCTZ55C7DPMGICCN3
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-22195
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-22195
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060748
reference_id 1060748
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060748
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2257854
reference_id 2257854
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2257854
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2/
reference_id 5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-11T19:50:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DELCVUUYX75I5K4Q5WMJG4MUZJA6VAIP/
reference_id DELCVUUYX75I5K4Q5WMJG4MUZJA6VAIP
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-11T19:50:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DELCVUUYX75I5K4Q5WMJG4MUZJA6VAIP/
18
reference_url https://github.com/advisories/GHSA-h5c8-rqwp-cp95
reference_id GHSA-h5c8-rqwp-cp95
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h5c8-rqwp-cp95
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7YWRBX6JQCWC2XXCTZ55C7DPMGICCN3/
reference_id O7YWRBX6JQCWC2XXCTZ55C7DPMGICCN3
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-11T19:50:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7YWRBX6JQCWC2XXCTZ55C7DPMGICCN3/
20
reference_url https://access.redhat.com/errata/RHSA-2024:1057
reference_id RHSA-2024:1057
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1057
21
reference_url https://access.redhat.com/errata/RHSA-2024:1155
reference_id RHSA-2024:1155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1155
22
reference_url https://access.redhat.com/errata/RHSA-2024:1878
reference_id RHSA-2024:1878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1878
23
reference_url https://access.redhat.com/errata/RHSA-2024:2132
reference_id RHSA-2024:2132
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2132
24
reference_url https://access.redhat.com/errata/RHSA-2024:2348
reference_id RHSA-2024:2348
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2348
25
reference_url https://access.redhat.com/errata/RHSA-2024:2733
reference_id RHSA-2024:2733
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2733
26
reference_url https://access.redhat.com/errata/RHSA-2024:2968
reference_id RHSA-2024:2968
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2968
27
reference_url https://access.redhat.com/errata/RHSA-2024:2987
reference_id RHSA-2024:2987
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2987
28
reference_url https://access.redhat.com/errata/RHSA-2024:3102
reference_id RHSA-2024:3102
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3102
29
reference_url https://access.redhat.com/errata/RHSA-2024:3927
reference_id RHSA-2024:3927
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3927
30
reference_url https://usn.ubuntu.com/6599-1/
reference_id USN-6599-1
reference_type
scores
url https://usn.ubuntu.com/6599-1/
fixed_packages
aliases CVE-2024-22195, GHSA-h5c8-rqwp-cp95
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-np94-ghhk-nug4
2
url VCID-xyku-dd6j-u3ex
vulnerability_id VCID-xyku-dd6j-u3ex
summary PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52323.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52323.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-52323
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22385
published_at 2026-04-21T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22436
published_at 2026-04-18T12:55:00Z
2
value 0.00074
scoring_system epss
scoring_elements 0.22439
published_at 2026-04-16T12:55:00Z
3
value 0.00074
scoring_system epss
scoring_elements 0.22421
published_at 2026-04-13T12:55:00Z
4
value 0.00074
scoring_system epss
scoring_elements 0.22476
published_at 2026-04-12T12:55:00Z
5
value 0.00074
scoring_system epss
scoring_elements 0.22517
published_at 2026-04-11T12:55:00Z
6
value 0.00074
scoring_system epss
scoring_elements 0.22498
published_at 2026-04-09T12:55:00Z
7
value 0.00074
scoring_system epss
scoring_elements 0.22443
published_at 2026-04-08T12:55:00Z
8
value 0.00074
scoring_system epss
scoring_elements 0.22362
published_at 2026-04-07T12:55:00Z
9
value 0.00074
scoring_system epss
scoring_elements 0.22531
published_at 2026-04-02T12:55:00Z
10
value 0.00074
scoring_system epss
scoring_elements 0.22573
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-52323
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52323
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52323
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/Legrandin/pycryptodome
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Legrandin/pycryptodome
5
reference_url https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:36:55Z/
url https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst
6
reference_url https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pycryptodomex/PYSEC-2024-3.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pycryptodomex/PYSEC-2024-3.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-52323
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-52323
9
reference_url https://pypi.org/project/pycryptodomex/#history
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:36:55Z/
url https://pypi.org/project/pycryptodomex/#history
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060059
reference_id 1060059
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060059
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2257028
reference_id 2257028
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2257028
12
reference_url https://github.com/advisories/GHSA-j225-cvw7-qrx7
reference_id GHSA-j225-cvw7-qrx7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j225-cvw7-qrx7
13
reference_url https://access.redhat.com/errata/RHSA-2024:1057
reference_id RHSA-2024:1057
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1057
14
reference_url https://access.redhat.com/errata/RHSA-2024:1155
reference_id RHSA-2024:1155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1155
15
reference_url https://access.redhat.com/errata/RHSA-2024:2132
reference_id RHSA-2024:2132
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2132
16
reference_url https://access.redhat.com/errata/RHSA-2024:2952
reference_id RHSA-2024:2952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2952
17
reference_url https://access.redhat.com/errata/RHSA-2024:2968
reference_id RHSA-2024:2968
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2968
18
reference_url https://usn.ubuntu.com/6595-1/
reference_id USN-6595-1
reference_type
scores
url https://usn.ubuntu.com/6595-1/
fixed_packages
aliases CVE-2023-52323, GHSA-j225-cvw7-qrx7, PYSEC-2024-3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xyku-dd6j-u3ex
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/fence-agents@4.10.0-62%3Farch=el9