Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-rfpm-yp1s-y3ft

Summary When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash.

Aliases

alias	CVE-2019-11745

Fixed_packages

url pkg:alpm/archlinux/firefox@71.0-1

purl pkg:alpm/archlinux/firefox@71.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7bpy-jqqd-akej

vulnerability	VCID-9hh5-pzwd-g3bc

vulnerability	VCID-bw2w-68hs-3bcd

vulnerability	VCID-dng7-9qkz-fbar

vulnerability	VCID-nw5y-qanq-xfes

vulnerability	VCID-sp2m-d2rd-nfb6

vulnerability	VCID-wqzh-h6mn-f3b8

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@71.0-1

url	pkg:alpm/archlinux/thunderbird@68.3.0-1
purl	pkg:alpm/archlinux/thunderbird@68.3.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@68.3.0-1

url pkg:deb/debian/nss@2:3.42.1-1%2Bdeb10u5

purl pkg:deb/debian/nss@2:3.42.1-1%2Bdeb10u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-9wkp-gr2p-kuda

vulnerability	VCID-bw2w-68hs-3bcd

vulnerability	VCID-kzju-7twc-fya8

vulnerability	VCID-m314-1d92-fke4

vulnerability	VCID-phzc-3ex9-4bf7

vulnerability	VCID-qpmv-44r5-tqby

vulnerability	VCID-rc8a-n1r3-v7a1

vulnerability	VCID-rfpm-yp1s-y3ft

vulnerability	VCID-xavu-ygkk-u3fn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.42.1-1%252Bdeb10u5

url	pkg:deb/debian/nss@2:3.47.1-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.47.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.47.1-1%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3

purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-je5a-edxm-rybv

vulnerability	VCID-ybek-h33z-v7dr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3

url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-e9n9-xud9-dkgv

vulnerability	VCID-je5a-edxm-rybv

vulnerability	VCID-wjka-dkr1-m7eu

vulnerability	VCID-yasd-f1n9-sbew

vulnerability	VCID-ybek-h33z-v7dr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ckmw-656v-byhx

vulnerability	VCID-e9n9-xud9-dkgv

vulnerability	VCID-je5a-edxm-rybv

vulnerability	VCID-wjka-dkr1-m7eu

vulnerability	VCID-yasd-f1n9-sbew

vulnerability	VCID-ybek-h33z-v7dr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.124-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.124-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie

url	pkg:ebuild/mail-client/thunderbird@68.6.0
purl	pkg:ebuild/mail-client/thunderbird@68.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@68.6.0

url	pkg:ebuild/mail-client/thunderbird-bin@68.6.0
purl	pkg:ebuild/mail-client/thunderbird-bin@68.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@68.6.0

url	pkg:ebuild/www-client/firefox@68.6.0
purl	pkg:ebuild/www-client/firefox@68.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@68.6.0

url	pkg:ebuild/www-client/firefox-bin@68.6.0
purl	pkg:ebuild/www-client/firefox-bin@68.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@68.6.0

Affected_packages

url pkg:alpm/archlinux/firefox@70.0.1-3

purl pkg:alpm/archlinux/firefox@70.0.1-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3819-3qjj-zuh4

vulnerability	VCID-7xpb-r1ud-bfe9

vulnerability	VCID-b3cr-fa8q-m7bw

vulnerability	VCID-bpz1-86sf-5ygu

vulnerability	VCID-d82e-qy3k-uuaa

vulnerability	VCID-esk6-m4j8-3yf9

vulnerability	VCID-rfpm-yp1s-y3ft

vulnerability	VCID-t2ga-r9t5-1yd4

vulnerability	VCID-xp1u-g98v-dkcn

vulnerability	VCID-yz9c-hahm-fubj

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@70.0.1-3

url pkg:alpm/archlinux/thunderbird@68.2.2-2

purl pkg:alpm/archlinux/thunderbird@68.2.2-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3819-3qjj-zuh4

vulnerability	VCID-7xpb-r1ud-bfe9

vulnerability	VCID-b3cr-fa8q-m7bw

vulnerability	VCID-bpz1-86sf-5ygu

vulnerability	VCID-d82e-qy3k-uuaa

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@68.2.2-2

url pkg:deb/debian/nss@3.12.3.1-0lenny7

purl pkg:deb/debian/nss@3.12.3.1-0lenny7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-2amq-1dpv-r7ce

vulnerability	VCID-4gzd-m5g6-rbgm

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-81zk-xrsj-cufe

vulnerability	VCID-9pxb-dcy9-gybh

vulnerability	VCID-9wc3-cjef-3ucq

vulnerability	VCID-9wkp-gr2p-kuda

vulnerability	VCID-aabg-akur-cyf3

vulnerability	VCID-atus-ryef-17h1

vulnerability	VCID-bw2w-68hs-3bcd

vulnerability	VCID-bzab-cse9-uudk

vulnerability	VCID-c2jb-u1sf-xkgr

vulnerability	VCID-c6v9-maak-dyde

vulnerability	VCID-ca9j-qrnm-eqc3

vulnerability	VCID-cjnx-d8j7-zqg3

vulnerability	VCID-dj1s-kgfe-f7cm

vulnerability	VCID-dvah-yevw-quhe

vulnerability	VCID-ekh8-4kg9-mubw

vulnerability	VCID-fam8-n44k-2qh7

vulnerability	VCID-jj5f-y1h9-skcp

vulnerability	VCID-jwzp-ucfg-wycd

vulnerability	VCID-kn9n-dpkn-d7bu

vulnerability	VCID-kzju-7twc-fya8

vulnerability	VCID-m314-1d92-fke4

vulnerability	VCID-mg1g-83ha-ekgc

vulnerability	VCID-mq7v-8uvq-5yeq

vulnerability	VCID-nmpw-53d9-cqaj

vulnerability	VCID-pa6e-373h-6ybr

vulnerability	VCID-phzc-3ex9-4bf7

vulnerability	VCID-qpmv-44r5-tqby

vulnerability	VCID-rc8a-n1r3-v7a1

vulnerability	VCID-rfpm-yp1s-y3ft

vulnerability	VCID-s692-wjkg-xkfr

vulnerability	VCID-vct8-ur1y-63db

vulnerability	VCID-wfu5-qgs8-13ht

vulnerability	VCID-wh5f-gkuv-q3ep

vulnerability	VCID-x4x5-44xh-6uat

vulnerability	VCID-xavu-ygkk-u3fn

vulnerability	VCID-xg2b-zzbj-juds

vulnerability	VCID-yjyn-kpq2-qkb7

vulnerability	VCID-znh3-rqwe-8ke3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.12.3.1-0lenny7

url pkg:deb/debian/nss@3.12.8-1%2Bsqueeze7

purl pkg:deb/debian/nss@3.12.8-1%2Bsqueeze7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-2amq-1dpv-r7ce

vulnerability	VCID-4gzd-m5g6-rbgm

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-81zk-xrsj-cufe

vulnerability	VCID-9pxb-dcy9-gybh

vulnerability	VCID-9wc3-cjef-3ucq

vulnerability	VCID-9wkp-gr2p-kuda

vulnerability	VCID-aabg-akur-cyf3

vulnerability	VCID-bw2w-68hs-3bcd

vulnerability	VCID-bzab-cse9-uudk

vulnerability	VCID-c6v9-maak-dyde

vulnerability	VCID-ca9j-qrnm-eqc3

vulnerability	VCID-cjnx-d8j7-zqg3

vulnerability	VCID-dj1s-kgfe-f7cm

vulnerability	VCID-dvah-yevw-quhe

vulnerability	VCID-ekh8-4kg9-mubw

vulnerability	VCID-fam8-n44k-2qh7

vulnerability	VCID-jj5f-y1h9-skcp

vulnerability	VCID-jwzp-ucfg-wycd

vulnerability	VCID-kn9n-dpkn-d7bu

vulnerability	VCID-kzju-7twc-fya8

vulnerability	VCID-m314-1d92-fke4

vulnerability	VCID-mq7v-8uvq-5yeq

vulnerability	VCID-nmpw-53d9-cqaj

vulnerability	VCID-pa6e-373h-6ybr

vulnerability	VCID-phzc-3ex9-4bf7

vulnerability	VCID-qpmv-44r5-tqby

vulnerability	VCID-rc8a-n1r3-v7a1

vulnerability	VCID-rfpm-yp1s-y3ft

vulnerability	VCID-s692-wjkg-xkfr

vulnerability	VCID-vct8-ur1y-63db

vulnerability	VCID-wfu5-qgs8-13ht

vulnerability	VCID-wh5f-gkuv-q3ep

vulnerability	VCID-x4x5-44xh-6uat

vulnerability	VCID-xavu-ygkk-u3fn

vulnerability	VCID-xg2b-zzbj-juds

vulnerability	VCID-yjyn-kpq2-qkb7

vulnerability	VCID-znh3-rqwe-8ke3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.12.8-1%252Bsqueeze7

url pkg:deb/debian/nss@3.12.8-1%2Bsqueeze14

purl pkg:deb/debian/nss@3.12.8-1%2Bsqueeze14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-2amq-1dpv-r7ce

vulnerability	VCID-4gzd-m5g6-rbgm

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-81zk-xrsj-cufe

vulnerability	VCID-9pxb-dcy9-gybh

vulnerability	VCID-9wc3-cjef-3ucq

vulnerability	VCID-9wkp-gr2p-kuda

vulnerability	VCID-aabg-akur-cyf3

vulnerability	VCID-bw2w-68hs-3bcd

vulnerability	VCID-bzab-cse9-uudk

vulnerability	VCID-c6v9-maak-dyde

vulnerability	VCID-ca9j-qrnm-eqc3

vulnerability	VCID-cjnx-d8j7-zqg3

vulnerability	VCID-dj1s-kgfe-f7cm

vulnerability	VCID-dvah-yevw-quhe

vulnerability	VCID-ekh8-4kg9-mubw

vulnerability	VCID-fam8-n44k-2qh7

vulnerability	VCID-jj5f-y1h9-skcp

vulnerability	VCID-jwzp-ucfg-wycd

vulnerability	VCID-kn9n-dpkn-d7bu

vulnerability	VCID-kzju-7twc-fya8

vulnerability	VCID-m314-1d92-fke4

vulnerability	VCID-mq7v-8uvq-5yeq

vulnerability	VCID-nmpw-53d9-cqaj

vulnerability	VCID-pa6e-373h-6ybr

vulnerability	VCID-phzc-3ex9-4bf7

vulnerability	VCID-qpmv-44r5-tqby

vulnerability	VCID-rc8a-n1r3-v7a1

vulnerability	VCID-rfpm-yp1s-y3ft

vulnerability	VCID-s692-wjkg-xkfr

vulnerability	VCID-vct8-ur1y-63db

vulnerability	VCID-wfu5-qgs8-13ht

vulnerability	VCID-wh5f-gkuv-q3ep

vulnerability	VCID-x4x5-44xh-6uat

vulnerability	VCID-xavu-ygkk-u3fn

vulnerability	VCID-xg2b-zzbj-juds

vulnerability	VCID-yjyn-kpq2-qkb7

vulnerability	VCID-znh3-rqwe-8ke3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.12.8-1%252Bsqueeze14

url pkg:deb/debian/nss@2:3.14.5-1%2Bdeb7u5

purl pkg:deb/debian/nss@2:3.14.5-1%2Bdeb7u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-2amq-1dpv-r7ce

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-81zk-xrsj-cufe

vulnerability	VCID-9pxb-dcy9-gybh

vulnerability	VCID-9wc3-cjef-3ucq

vulnerability	VCID-9wkp-gr2p-kuda

vulnerability	VCID-aabg-akur-cyf3

vulnerability	VCID-bw2w-68hs-3bcd

vulnerability	VCID-bzab-cse9-uudk

vulnerability	VCID-c6v9-maak-dyde

vulnerability	VCID-ca9j-qrnm-eqc3

vulnerability	VCID-cjnx-d8j7-zqg3

vulnerability	VCID-dj1s-kgfe-f7cm

vulnerability	VCID-dvah-yevw-quhe

vulnerability	VCID-fam8-n44k-2qh7

vulnerability	VCID-jj5f-y1h9-skcp

vulnerability	VCID-jwzp-ucfg-wycd

vulnerability	VCID-kn9n-dpkn-d7bu

vulnerability	VCID-kzju-7twc-fya8

vulnerability	VCID-m314-1d92-fke4

vulnerability	VCID-mq7v-8uvq-5yeq

vulnerability	VCID-nmpw-53d9-cqaj

vulnerability	VCID-pa6e-373h-6ybr

vulnerability	VCID-phzc-3ex9-4bf7

vulnerability	VCID-qpmv-44r5-tqby

vulnerability	VCID-rc8a-n1r3-v7a1

vulnerability	VCID-rfpm-yp1s-y3ft

vulnerability	VCID-s692-wjkg-xkfr

vulnerability	VCID-vct8-ur1y-63db

vulnerability	VCID-wfu5-qgs8-13ht

vulnerability	VCID-x4x5-44xh-6uat

vulnerability	VCID-xavu-ygkk-u3fn

vulnerability	VCID-xg2b-zzbj-juds

vulnerability	VCID-yjyn-kpq2-qkb7

vulnerability	VCID-znh3-rqwe-8ke3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.14.5-1%252Bdeb7u5

url pkg:deb/debian/nss@2:3.17.2-1.1

purl pkg:deb/debian/nss@2:3.17.2-1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-81zk-xrsj-cufe

vulnerability	VCID-9pxb-dcy9-gybh

vulnerability	VCID-9wc3-cjef-3ucq

vulnerability	VCID-9wkp-gr2p-kuda

vulnerability	VCID-aabg-akur-cyf3

vulnerability	VCID-bw2w-68hs-3bcd

vulnerability	VCID-cjnx-d8j7-zqg3

vulnerability	VCID-dj1s-kgfe-f7cm

vulnerability	VCID-fam8-n44k-2qh7

vulnerability	VCID-jj5f-y1h9-skcp

vulnerability	VCID-jwzp-ucfg-wycd

vulnerability	VCID-kzju-7twc-fya8

vulnerability	VCID-m314-1d92-fke4

vulnerability	VCID-mq7v-8uvq-5yeq

vulnerability	VCID-pa6e-373h-6ybr

vulnerability	VCID-phzc-3ex9-4bf7

vulnerability	VCID-qpmv-44r5-tqby

vulnerability	VCID-rc8a-n1r3-v7a1

vulnerability	VCID-rfpm-yp1s-y3ft

vulnerability	VCID-s692-wjkg-xkfr

vulnerability	VCID-vct8-ur1y-63db

vulnerability	VCID-wfu5-qgs8-13ht

vulnerability	VCID-x4x5-44xh-6uat

vulnerability	VCID-xavu-ygkk-u3fn

vulnerability	VCID-yjyn-kpq2-qkb7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.17.2-1.1

url pkg:deb/debian/nss@2:3.26-1%2Bdebu8u3

purl pkg:deb/debian/nss@2:3.26-1%2Bdebu8u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-9wkp-gr2p-kuda

vulnerability	VCID-aabg-akur-cyf3

vulnerability	VCID-bw2w-68hs-3bcd

vulnerability	VCID-dj1s-kgfe-f7cm

vulnerability	VCID-kzju-7twc-fya8

vulnerability	VCID-m314-1d92-fke4

vulnerability	VCID-pa6e-373h-6ybr

vulnerability	VCID-phzc-3ex9-4bf7

vulnerability	VCID-qpmv-44r5-tqby

vulnerability	VCID-rc8a-n1r3-v7a1

vulnerability	VCID-rfpm-yp1s-y3ft

vulnerability	VCID-wfu5-qgs8-13ht

vulnerability	VCID-x4x5-44xh-6uat

vulnerability	VCID-xavu-ygkk-u3fn

vulnerability	VCID-yjyn-kpq2-qkb7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.26-1%252Bdebu8u3

url pkg:deb/debian/nss@2:3.26.2-1.1%2Bdeb9u1

purl pkg:deb/debian/nss@2:3.26.2-1.1%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-9wkp-gr2p-kuda

vulnerability	VCID-aabg-akur-cyf3

vulnerability	VCID-bw2w-68hs-3bcd

vulnerability	VCID-kzju-7twc-fya8

vulnerability	VCID-m314-1d92-fke4

vulnerability	VCID-phzc-3ex9-4bf7

vulnerability	VCID-qpmv-44r5-tqby

vulnerability	VCID-rc8a-n1r3-v7a1

vulnerability	VCID-rfpm-yp1s-y3ft

vulnerability	VCID-wfu5-qgs8-13ht

vulnerability	VCID-xavu-ygkk-u3fn

vulnerability	VCID-yjyn-kpq2-qkb7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.26.2-1.1%252Bdeb9u1

url pkg:deb/debian/nss@2:3.42.1-1%2Bdeb10u5

purl pkg:deb/debian/nss@2:3.42.1-1%2Bdeb10u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-9wkp-gr2p-kuda

vulnerability	VCID-bw2w-68hs-3bcd

vulnerability	VCID-kzju-7twc-fya8

vulnerability	VCID-m314-1d92-fke4

vulnerability	VCID-phzc-3ex9-4bf7

vulnerability	VCID-qpmv-44r5-tqby

vulnerability	VCID-rc8a-n1r3-v7a1

vulnerability	VCID-rfpm-yp1s-y3ft

vulnerability	VCID-xavu-ygkk-u3fn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.42.1-1%252Bdeb10u5

url pkg:rpm/redhat/nss@3.44.0-7?arch=el7_7

purl pkg:rpm/redhat/nss@3.44.0-7?arch=el7_7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss@3.44.0-7%3Farch=el7_7

url pkg:rpm/redhat/nss@3.44.0-8?arch=el8_0

purl pkg:rpm/redhat/nss@3.44.0-8?arch=el8_0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss@3.44.0-8%3Farch=el8_0

url pkg:rpm/redhat/nss@3.44.0-9?arch=el8_1

purl pkg:rpm/redhat/nss@3.44.0-9?arch=el8_1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss@3.44.0-9%3Farch=el8_1

url pkg:rpm/redhat/nss-softokn@3.14.3-23?arch=el6_6

purl pkg:rpm/redhat/nss-softokn@3.14.3-23?arch=el6_6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-softokn@3.14.3-23%3Farch=el6_6

url pkg:rpm/redhat/nss-softokn@3.28.3-9?arch=el7_4

purl pkg:rpm/redhat/nss-softokn@3.28.3-9?arch=el7_4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bbv3-sh4v-2yd3

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-softokn@3.28.3-9%3Farch=el7_4

url pkg:rpm/redhat/nss-softokn@3.36.0-6?arch=el7_5

purl pkg:rpm/redhat/nss-softokn@3.36.0-6?arch=el7_5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bbv3-sh4v-2yd3

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-softokn@3.36.0-6%3Farch=el7_5

url pkg:rpm/redhat/nss-softokn@3.36.0-6?arch=el7_6

purl pkg:rpm/redhat/nss-softokn@3.36.0-6?arch=el7_6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bbv3-sh4v-2yd3

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-softokn@3.36.0-6%3Farch=el7_6

url pkg:rpm/redhat/nss-softokn@3.44.0-6?arch=el6_10

purl pkg:rpm/redhat/nss-softokn@3.44.0-6?arch=el6_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-softokn@3.44.0-6%3Farch=el6_10

url pkg:rpm/redhat/nss-softokn@3.44.0-8?arch=el7_7

purl pkg:rpm/redhat/nss-softokn@3.44.0-8?arch=el7_7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-softokn@3.44.0-8%3Farch=el7_7

url pkg:rpm/redhat/nss-util@3.44.0-4?arch=el7_7

purl pkg:rpm/redhat/nss-util@3.44.0-4?arch=el7_7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1btz-x11h-wbe3

vulnerability	VCID-rfpm-yp1s-y3ft

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-util@3.44.0-4%3Farch=el7_7

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11745.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11745.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11745

reference_id

reference_type

scores

value	0.00939
scoring_system	epss
scoring_elements	0.76586
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17007
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17007

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1774831
reference_id	1774831
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1774831

reference_url	https://security.archlinux.org/ASA-201912-1
reference_id	ASA-201912-1
reference_type
scores
url	https://security.archlinux.org/ASA-201912-1

reference_url	https://security.archlinux.org/ASA-201912-2
reference_id	ASA-201912-2
reference_type
scores
url	https://security.archlinux.org/ASA-201912-2

reference_url

https://security.archlinux.org/AVG-1071

reference_id

AVG-1071

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1071

reference_url

https://security.archlinux.org/AVG-1072

reference_id

AVG-1072

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1072

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-36

reference_id

mfsa2019-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-36

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-37

reference_id

mfsa2019-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-37

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-38

reference_id

mfsa2019-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-38

reference_url	https://access.redhat.com/errata/RHSA-2019:4114
reference_id	RHSA-2019:4114
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4114

reference_url	https://access.redhat.com/errata/RHSA-2019:4152
reference_id	RHSA-2019:4152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4152

reference_url	https://access.redhat.com/errata/RHSA-2019:4190
reference_id	RHSA-2019:4190
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4190

reference_url	https://access.redhat.com/errata/RHSA-2020:0243
reference_id	RHSA-2020:0243
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0243

reference_url	https://access.redhat.com/errata/RHSA-2020:0466
reference_id	RHSA-2020:0466
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0466

reference_url	https://access.redhat.com/errata/RHSA-2020:1267
reference_id	RHSA-2020:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1267

reference_url	https://access.redhat.com/errata/RHSA-2020:1345
reference_id	RHSA-2020:1345
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1345

reference_url	https://access.redhat.com/errata/RHSA-2020:1461
reference_id	RHSA-2020:1461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1461

Weaknesses

cwe_id	787
name	Out-of-bounds Write
description	The product writes data past the end, or before the beginning, of the intended buffer.

Exploits

Severity_range_score 7.0 - 10.0

Exploitability 0.5

Weighted_severity 9.0

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rfpm-yp1s-y3ft

Vulnerability Instance