Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-x5ea-hmy6-muar

Summary tlslite-ng off-by-one error on mac checking

Aliases

alias	CVE-2018-1000159

alias	GHSA-cwh5-3cw7-4286

alias	PYSEC-2018-31

Fixed_packages

url pkg:pypi/tlslite-ng@0.7.4

purl pkg:pypi/tlslite-ng@0.7.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.4

Affected_packages

url pkg:pypi/tlslite-ng@0.5.0b1

purl pkg:pypi/tlslite-ng@0.5.0b1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0b1

url pkg:pypi/tlslite-ng@0.5.0-beta1

purl pkg:pypi/tlslite-ng@0.5.0-beta1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0-beta1

url pkg:pypi/tlslite-ng@0.5.0b2

purl pkg:pypi/tlslite-ng@0.5.0b2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0b2

url pkg:pypi/tlslite-ng@0.5.0-beta2

purl pkg:pypi/tlslite-ng@0.5.0-beta2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0-beta2

url pkg:pypi/tlslite-ng@0.5.0b3

purl pkg:pypi/tlslite-ng@0.5.0b3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0b3

url pkg:pypi/tlslite-ng@0.5.0-beta3

purl pkg:pypi/tlslite-ng@0.5.0-beta3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0-beta3

url pkg:pypi/tlslite-ng@0.5.0b4

purl pkg:pypi/tlslite-ng@0.5.0b4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0b4

url pkg:pypi/tlslite-ng@0.5.0-beta4

purl pkg:pypi/tlslite-ng@0.5.0-beta4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0-beta4

url pkg:pypi/tlslite-ng@0.5.0b5

purl pkg:pypi/tlslite-ng@0.5.0b5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0b5

url pkg:pypi/tlslite-ng@0.5.0-beta5

purl pkg:pypi/tlslite-ng@0.5.0-beta5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0-beta5

url pkg:pypi/tlslite-ng@0.5.0b6

purl pkg:pypi/tlslite-ng@0.5.0b6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0b6

url pkg:pypi/tlslite-ng@0.5.0-beta6

purl pkg:pypi/tlslite-ng@0.5.0-beta6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0-beta6

url pkg:pypi/tlslite-ng@0.5.0

purl pkg:pypi/tlslite-ng@0.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.0

url pkg:pypi/tlslite-ng@0.5.1

purl pkg:pypi/tlslite-ng@0.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.1

url pkg:pypi/tlslite-ng@0.5.2

purl pkg:pypi/tlslite-ng@0.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.5.2

url pkg:pypi/tlslite-ng@0.6.0-alpha1

purl pkg:pypi/tlslite-ng@0.6.0-alpha1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0-alpha1

url pkg:pypi/tlslite-ng@0.6.0a1

purl pkg:pypi/tlslite-ng@0.6.0a1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0a1

url pkg:pypi/tlslite-ng@0.6.0a2

purl pkg:pypi/tlslite-ng@0.6.0a2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0a2

url pkg:pypi/tlslite-ng@0.6.0-alpha2

purl pkg:pypi/tlslite-ng@0.6.0-alpha2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0-alpha2

url pkg:pypi/tlslite-ng@0.6.0a3

purl pkg:pypi/tlslite-ng@0.6.0a3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0a3

url pkg:pypi/tlslite-ng@0.6.0-alpha3

purl pkg:pypi/tlslite-ng@0.6.0-alpha3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0-alpha3

url pkg:pypi/tlslite-ng@0.6.0a4

purl pkg:pypi/tlslite-ng@0.6.0a4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0a4

url pkg:pypi/tlslite-ng@0.6.0-alpha4

purl pkg:pypi/tlslite-ng@0.6.0-alpha4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0-alpha4

url pkg:pypi/tlslite-ng@0.6.0a5

purl pkg:pypi/tlslite-ng@0.6.0a5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0a5

url pkg:pypi/tlslite-ng@0.6.0-alpha5

purl pkg:pypi/tlslite-ng@0.6.0-alpha5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0-alpha5

url pkg:pypi/tlslite-ng@0.6.0b1

purl pkg:pypi/tlslite-ng@0.6.0b1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0b1

url pkg:pypi/tlslite-ng@0.6.0-beta1

purl pkg:pypi/tlslite-ng@0.6.0-beta1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0-beta1

url pkg:pypi/tlslite-ng@0.6.0

purl pkg:pypi/tlslite-ng@0.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.6.0

url pkg:pypi/tlslite-ng@0.7.0a1

purl pkg:pypi/tlslite-ng@0.7.0a1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0a1

url pkg:pypi/tlslite-ng@0.7.0-alpha1

purl pkg:pypi/tlslite-ng@0.7.0-alpha1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0-alpha1

url pkg:pypi/tlslite-ng@0.7.0a2

purl pkg:pypi/tlslite-ng@0.7.0a2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0a2

url pkg:pypi/tlslite-ng@0.7.0-alpha2

purl pkg:pypi/tlslite-ng@0.7.0-alpha2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0-alpha2

url pkg:pypi/tlslite-ng@0.7.0a3

purl pkg:pypi/tlslite-ng@0.7.0a3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0a3

url pkg:pypi/tlslite-ng@0.7.0-alpha3

purl pkg:pypi/tlslite-ng@0.7.0-alpha3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0-alpha3

url pkg:pypi/tlslite-ng@0.7.0a4

purl pkg:pypi/tlslite-ng@0.7.0a4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0a4

url pkg:pypi/tlslite-ng@0.7.0-alpha4

purl pkg:pypi/tlslite-ng@0.7.0-alpha4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0-alpha4

url pkg:pypi/tlslite-ng@0.7.0a5

purl pkg:pypi/tlslite-ng@0.7.0a5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0a5

url pkg:pypi/tlslite-ng@0.7.0-alpha5

purl pkg:pypi/tlslite-ng@0.7.0-alpha5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0-alpha5

url pkg:pypi/tlslite-ng@0.7.0a6

purl pkg:pypi/tlslite-ng@0.7.0a6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0a6

url pkg:pypi/tlslite-ng@0.7.0-alpha6

purl pkg:pypi/tlslite-ng@0.7.0-alpha6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0-alpha6

url pkg:pypi/tlslite-ng@0.7.0a7

purl pkg:pypi/tlslite-ng@0.7.0a7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0a7

url pkg:pypi/tlslite-ng@0.7.0-alpha7

purl pkg:pypi/tlslite-ng@0.7.0-alpha7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0-alpha7

url pkg:pypi/tlslite-ng@0.7.0a8

purl pkg:pypi/tlslite-ng@0.7.0a8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0a8

url pkg:pypi/tlslite-ng@0.7.0-alpha8

purl pkg:pypi/tlslite-ng@0.7.0-alpha8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0-alpha8

url pkg:pypi/tlslite-ng@0.7.0a9

purl pkg:pypi/tlslite-ng@0.7.0a9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0a9

url pkg:pypi/tlslite-ng@0.7.0-alpha9

purl pkg:pypi/tlslite-ng@0.7.0-alpha9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0-alpha9

url pkg:pypi/tlslite-ng@0.7.0b1

purl pkg:pypi/tlslite-ng@0.7.0b1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0b1

url pkg:pypi/tlslite-ng@0.7.0-beta1

purl pkg:pypi/tlslite-ng@0.7.0-beta1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0-beta1

url pkg:pypi/tlslite-ng@0.7.0

purl pkg:pypi/tlslite-ng@0.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.0

url pkg:pypi/tlslite-ng@0.7.1

purl pkg:pypi/tlslite-ng@0.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.1

url pkg:pypi/tlslite-ng@0.7.2

purl pkg:pypi/tlslite-ng@0.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.2

url pkg:pypi/tlslite-ng@0.7.3

purl pkg:pypi/tlslite-ng@0.7.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51t7-3qr2-hkfc

vulnerability	VCID-x5ea-hmy6-muar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tlslite-ng@0.7.3

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000159

reference_id

reference_type

scores

value	0.00161
scoring_system	epss
scoring_elements	0.36989
published_at	2026-06-12T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.36811
published_at	2026-06-11T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37003
published_at	2026-06-14T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37017
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000159

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/tlslite-ng/PYSEC-2018-31.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/tlslite-ng/PYSEC-2018-31.yaml

reference_url

https://github.com/tlsfuzzer/tlslite-ng/commit/d7b288316bca7bcdd082e6ccff5491e241305233

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tlsfuzzer/tlslite-ng/commit/d7b288316bca7bcdd082e6ccff5491e241305233

reference_url

https://github.com/tlsfuzzer/tlslite-ng/pull/234/commits/3674815d1b0f7484454995e2737a352e0a6a93d8

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tlsfuzzer/tlslite-ng/pull/234/commits/3674815d1b0f7484454995e2737a352e0a6a93d8

reference_url

https://github.com/tomato42/tlslite-ng

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tomato42/tlslite-ng

reference_url

https://github.com/tomato42/tlslite-ng/pull/234

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tomato42/tlslite-ng/pull/234

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000159

reference_id

CVE-2018-1000159

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000159

reference_url

https://github.com/advisories/GHSA-cwh5-3cw7-4286

reference_id

GHSA-cwh5-3cw7-4286

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cwh5-3cw7-4286

Weaknesses

cwe_id	354
name	Improper Validation of Integrity Check Value
description	The product does not validate or incorrectly validates the integrity check values or checksums of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 5.9 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ea-hmy6-muar

Vulnerability Instance