Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/python-twisted@23.10.0-1?arch=el9ap
Type rpm
Namespace redhat
Name python-twisted
Version 23.10.0-1
Qualifiers
arch el9ap
Subpath
Is_vulnerable true
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
0
url VCID-y7f5-9nmg-w7b3
vulnerability_id VCID-y7f5-9nmg-w7b3
summary Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled by an attacker, the attacker can delay the response on purpose to manipulate the response of the second request when a victim launched two requests using HTTP pipeline. Version 23.10.0rc1 contains a patch for this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46137.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46137.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46137
reference_id
reference_type
scores
0
value 0.00594
scoring_system epss
scoring_elements 0.69261
published_at 2026-04-04T12:55:00Z
1
value 0.00594
scoring_system epss
scoring_elements 0.69242
published_at 2026-04-02T12:55:00Z
2
value 0.00666
scoring_system epss
scoring_elements 0.71262
published_at 2026-04-21T12:55:00Z
3
value 0.00666
scoring_system epss
scoring_elements 0.71184
published_at 2026-04-07T12:55:00Z
4
value 0.00666
scoring_system epss
scoring_elements 0.71226
published_at 2026-04-08T12:55:00Z
5
value 0.00666
scoring_system epss
scoring_elements 0.71241
published_at 2026-04-09T12:55:00Z
6
value 0.00666
scoring_system epss
scoring_elements 0.71263
published_at 2026-04-11T12:55:00Z
7
value 0.00666
scoring_system epss
scoring_elements 0.71249
published_at 2026-04-12T12:55:00Z
8
value 0.00666
scoring_system epss
scoring_elements 0.71233
published_at 2026-04-13T12:55:00Z
9
value 0.00666
scoring_system epss
scoring_elements 0.71279
published_at 2026-04-16T12:55:00Z
10
value 0.00666
scoring_system epss
scoring_elements 0.71286
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46137
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46137
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46137
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2023-224.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2023-224.yaml
5
reference_url https://github.com/twisted/twisted
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twisted/twisted
6
reference_url https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-10T13:57:52Z/
url https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm
7
reference_url https://lists.debian.org/debian-lts-announce/2024/11/msg00028.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/11/msg00028.html
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054913
reference_id 1054913
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054913
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2246264
reference_id 2246264
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2246264
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-46137
reference_id CVE-2023-46137
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-46137
11
reference_url https://github.com/advisories/GHSA-xc8x-vp79-p3wm
reference_id GHSA-xc8x-vp79-p3wm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xc8x-vp79-p3wm
12
reference_url https://access.redhat.com/errata/RHSA-2024:0322
reference_id RHSA-2024:0322
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0322
13
reference_url https://access.redhat.com/errata/RHSA-2024:1516
reference_id RHSA-2024:1516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1516
14
reference_url https://access.redhat.com/errata/RHSA-2024:1518
reference_id RHSA-2024:1518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1518
15
reference_url https://usn.ubuntu.com/6575-1/
reference_id USN-6575-1
reference_type
scores
url https://usn.ubuntu.com/6575-1/
fixed_packages
aliases CVE-2023-46137, GHSA-xc8x-vp79-p3wm, PYSEC-2023-224
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y7f5-9nmg-w7b3
Fixing_vulnerabilities
Risk_score 3.1
Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-twisted@23.10.0-1%3Farch=el9ap