Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-hhrm-r6gt-zugj
SummaryA vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages.
Aliases
0
alias CVE-2019-11727
Fixed_packages
0
url pkg:alpm/archlinux/firefox@68.0-1
purl pkg:alpm/archlinux/firefox@68.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@68.0-1
1
url pkg:deb/debian/firefox@68.0-1?distro=sid
purl pkg:deb/debian/firefox@68.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@68.0-1%3Fdistro=sid
2
url pkg:deb/debian/firefox@151.0.2-1?distro=sid
purl pkg:deb/debian/firefox@151.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@151.0.2-1%3Fdistro=sid
3
url pkg:deb/debian/nss@2:3.45-1?distro=trixie
purl pkg:deb/debian/nss@2:3.45-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.45-1%3Fdistro=trixie
4
url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tdh-tupa-23en
1
vulnerability VCID-5dqq-xwr4-pbfv
2
vulnerability VCID-gxau-xxpj-fufj
3
vulnerability VCID-jd6h-m6sm-xqbt
4
vulnerability VCID-mg3r-rr93-zuen
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie
5
url pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tdh-tupa-23en
1
vulnerability VCID-5dqq-xwr4-pbfv
2
vulnerability VCID-7vub-2tme-ffbs
3
vulnerability VCID-gxau-xxpj-fufj
4
vulnerability VCID-jd6h-m6sm-xqbt
5
vulnerability VCID-mg3r-rr93-zuen
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie
6
url pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie
7
url pkg:deb/debian/nss@2:3.123.1-1?distro=trixie
purl pkg:deb/debian/nss@2:3.123.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie
8
url pkg:deb/debian/nss@2:3.124-1?distro=trixie
purl pkg:deb/debian/nss@2:3.124-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie
9
url pkg:ebuild/www-client/firefox@60.8.0
purl pkg:ebuild/www-client/firefox@60.8.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.8.0
10
url pkg:ebuild/www-client/firefox-bin@60.8.0
purl pkg:ebuild/www-client/firefox-bin@60.8.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@60.8.0
Affected_packages
0
url pkg:alpm/archlinux/firefox@67.0.4-2
purl pkg:alpm/archlinux/firefox@67.0.4-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ukg-dcym-fqcz
1
vulnerability VCID-335d-bwjj-bkaq
2
vulnerability VCID-3c4a-9z8y-vbec
3
vulnerability VCID-3fsn-p2ze-8yau
4
vulnerability VCID-7nf5-8wtc-d3dw
5
vulnerability VCID-7qdp-s55r-xqhh
6
vulnerability VCID-83s9-q9tu-zbev
7
vulnerability VCID-86ck-yafa-nqce
8
vulnerability VCID-9huc-jz99-tyhv
9
vulnerability VCID-b8j8-hkam-cufq
10
vulnerability VCID-cew5-pkgx-jyd7
11
vulnerability VCID-hc51-zt1x-gfh8
12
vulnerability VCID-hhrm-r6gt-zugj
13
vulnerability VCID-j2yc-nq59-qkaw
14
vulnerability VCID-n9eh-w55f-nycr
15
vulnerability VCID-pqa8-n8aw-c3d6
16
vulnerability VCID-pvyj-ht1j-5uh2
17
vulnerability VCID-t467-6rc5-dfcs
18
vulnerability VCID-vvhk-611b-xuf5
19
vulnerability VCID-wfqw-j9cj-4yhd
20
vulnerability VCID-xwb6-quwq-7qhs
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@67.0.4-2
1
url pkg:rpm/redhat/nspr@4.21.0-2?arch=el8_0
purl pkg:rpm/redhat/nspr@4.21.0-2?arch=el8_0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13wx-hrvm-ubf7
1
vulnerability VCID-3c4a-9z8y-vbec
2
vulnerability VCID-7qdp-s55r-xqhh
3
vulnerability VCID-hhrm-r6gt-zugj
4
vulnerability VCID-nfx7-2cb9-6yhh
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nspr@4.21.0-2%3Farch=el8_0
2
url pkg:rpm/redhat/nspr@4.25.0-2?arch=el7_9
purl pkg:rpm/redhat/nspr@4.25.0-2?arch=el7_9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ypw-vkgz-77e5
1
vulnerability VCID-3c4a-9z8y-vbec
2
vulnerability VCID-4caa-ax3x-gqc1
3
vulnerability VCID-bnkf-cbew-aqcj
4
vulnerability VCID-e6yt-xzqm-8qds
5
vulnerability VCID-ebcw-tanv-sba9
6
vulnerability VCID-hhrm-r6gt-zugj
7
vulnerability VCID-nmfg-j5e8-qqa5
8
vulnerability VCID-xjrf-7rjd-zyh8
9
vulnerability VCID-zafx-6fyq-pbc3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nspr@4.25.0-2%3Farch=el7_9
3
url pkg:rpm/redhat/nss@3.44.0-7?arch=el8_0
purl pkg:rpm/redhat/nss@3.44.0-7?arch=el8_0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13wx-hrvm-ubf7
1
vulnerability VCID-3c4a-9z8y-vbec
2
vulnerability VCID-7qdp-s55r-xqhh
3
vulnerability VCID-hhrm-r6gt-zugj
4
vulnerability VCID-nfx7-2cb9-6yhh
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss@3.44.0-7%3Farch=el8_0
4
url pkg:rpm/redhat/nss@3.53.1-3?arch=el7_9
purl pkg:rpm/redhat/nss@3.53.1-3?arch=el7_9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ypw-vkgz-77e5
1
vulnerability VCID-3c4a-9z8y-vbec
2
vulnerability VCID-4caa-ax3x-gqc1
3
vulnerability VCID-bnkf-cbew-aqcj
4
vulnerability VCID-e6yt-xzqm-8qds
5
vulnerability VCID-ebcw-tanv-sba9
6
vulnerability VCID-hhrm-r6gt-zugj
7
vulnerability VCID-nmfg-j5e8-qqa5
8
vulnerability VCID-xjrf-7rjd-zyh8
9
vulnerability VCID-zafx-6fyq-pbc3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss@3.53.1-3%3Farch=el7_9
5
url pkg:rpm/redhat/nss-softokn@3.53.1-6?arch=el7_9
purl pkg:rpm/redhat/nss-softokn@3.53.1-6?arch=el7_9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ypw-vkgz-77e5
1
vulnerability VCID-3c4a-9z8y-vbec
2
vulnerability VCID-4caa-ax3x-gqc1
3
vulnerability VCID-bnkf-cbew-aqcj
4
vulnerability VCID-e6yt-xzqm-8qds
5
vulnerability VCID-ebcw-tanv-sba9
6
vulnerability VCID-hhrm-r6gt-zugj
7
vulnerability VCID-nmfg-j5e8-qqa5
8
vulnerability VCID-xjrf-7rjd-zyh8
9
vulnerability VCID-zafx-6fyq-pbc3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-softokn@3.53.1-6%3Farch=el7_9
6
url pkg:rpm/redhat/nss-util@3.53.1-1?arch=el7_9
purl pkg:rpm/redhat/nss-util@3.53.1-1?arch=el7_9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ypw-vkgz-77e5
1
vulnerability VCID-3c4a-9z8y-vbec
2
vulnerability VCID-4caa-ax3x-gqc1
3
vulnerability VCID-bnkf-cbew-aqcj
4
vulnerability VCID-e6yt-xzqm-8qds
5
vulnerability VCID-ebcw-tanv-sba9
6
vulnerability VCID-hhrm-r6gt-zugj
7
vulnerability VCID-nmfg-j5e8-qqa5
8
vulnerability VCID-xjrf-7rjd-zyh8
9
vulnerability VCID-zafx-6fyq-pbc3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-util@3.53.1-1%3Farch=el7_9
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11727.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11727.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11727
reference_id
reference_type
scores
0
value 0.00244
scoring_system epss
scoring_elements 0.47768
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11727
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1730988
reference_id 1730988
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1730988
5
reference_url https://security.archlinux.org/ASA-201907-4
reference_id ASA-201907-4
reference_type
scores
url https://security.archlinux.org/ASA-201907-4
6
reference_url https://security.archlinux.org/AVG-1002
reference_id AVG-1002
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1002
7
reference_url https://security.gentoo.org/glsa/201908-12
reference_id GLSA-201908-12
reference_type
scores
url https://security.gentoo.org/glsa/201908-12
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-21
reference_id mfsa2019-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-21
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-28
reference_id mfsa2019-28
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-28
10
reference_url https://access.redhat.com/errata/RHSA-2019:1951
reference_id RHSA-2019:1951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1951
11
reference_url https://access.redhat.com/errata/RHSA-2020:4076
reference_id RHSA-2020:4076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4076
12
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
13
reference_url https://usn.ubuntu.com/4054-1/
reference_id USN-4054-1
reference_type
scores
url https://usn.ubuntu.com/4054-1/
14
reference_url https://usn.ubuntu.com/4060-1/
reference_id USN-4060-1
reference_type
scores
url https://usn.ubuntu.com/4060-1/
Weaknesses
0
cwe_id 327
name Use of a Broken or Risky Cryptographic Algorithm
description The product uses a broken or risky cryptographic algorithm or protocol.
Exploits
Severity_range_score3.4 - 10.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-hhrm-r6gt-zugj