Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-mxn3-8deq-t3a1

Summary An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would incorrectly have the MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits clear. As a result, an attacker that had a certificate valid for uses other than TLS client authentication would nonetheless be able to use it for TLS client authentication. Only TLS 1.3 servers were affected, and only with optional authentication (with required authentication, the handshake would be aborted with a fatal alert).

Aliases

alias	CVE-2024-45159

Fixed_packages

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=s390x&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=s390x&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=s390x&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armhf&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armhf&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=armhf&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86_64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86_64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=x86_64&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=ppc64le&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=ppc64le&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=ppc64le&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=x86&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=loongarch64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=loongarch64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=loongarch64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=s390x&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=s390x&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=s390x&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=aarch64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=aarch64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=aarch64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armv7&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armv7&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=armv7&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=ppc64le&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=ppc64le&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=ppc64le&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=riscv64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=riscv64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=riscv64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86_64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86_64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=x86_64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=aarch64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=aarch64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=aarch64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armhf&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armhf&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=armhf&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armv7&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armv7&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=armv7&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=ppc64le&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=ppc64le&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=ppc64le&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=riscv64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=riscv64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=riscv64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=x86&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=aarch64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=aarch64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=aarch64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armhf&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armhf&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=armhf&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armv7&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=armv7&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=loongarch64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=loongarch64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=loongarch64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=ppc64le&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=ppc64le&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=ppc64le&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=riscv64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=riscv64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=riscv64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=s390x&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=s390x&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=s390x&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=x86&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86_64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86_64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=x86_64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=aarch64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=aarch64&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armv7&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armv7&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=armv7&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=loongarch64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=loongarch64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=loongarch64&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=ppc64le&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=ppc64le&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=ppc64le&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=riscv64&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=x86&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=aarch64&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=aarch64&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=aarch64&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armhf&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armhf&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=armhf&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armv7&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armv7&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=armv7&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=loongarch64&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=loongarch64&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=loongarch64&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=riscv64&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=riscv64&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=riscv64&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=s390x&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=s390x&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=s390x&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=x86&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86_64&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=x86_64&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armhf&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=armhf&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=s390x&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.1-r0?arch=s390x&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.1-r0%3Farch=s390x&distroversion=v3.20&reponame=main

url	pkg:deb/debian/mbedtls@0?distro=trixie
purl	pkg:deb/debian/mbedtls@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@0%3Fdistro=trixie

url pkg:deb/debian/mbedtls@2.16.9-0.1?distro=trixie

purl pkg:deb/debian/mbedtls@2.16.9-0.1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bxk-rknm-zfhc

vulnerability	VCID-f1fz-b8b6-dfb8

vulnerability	VCID-gvkn-6e2m-dyez

vulnerability	VCID-k8w1-nrjy-wfbe

vulnerability	VCID-kchn-2wez-bbb2

vulnerability	VCID-pj6w-rufw-nqgd

vulnerability	VCID-vp4q-81cq-33cw

vulnerability	VCID-vs6q-c4ug-xfer

vulnerability	VCID-wsvw-6tmk-3kdj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.16.9-0.1%3Fdistro=trixie

url pkg:deb/debian/mbedtls@2.28.3-1?distro=trixie

purl pkg:deb/debian/mbedtls@2.28.3-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4sbv-dqyv-6baw

vulnerability	VCID-5bxk-rknm-zfhc

vulnerability	VCID-7ppw-f9jy-k7ae

vulnerability	VCID-7v3a-5q44-cucz

vulnerability	VCID-98cg-wuhp-qudq

vulnerability	VCID-f1fz-b8b6-dfb8

vulnerability	VCID-gvkn-6e2m-dyez

vulnerability	VCID-kchn-2wez-bbb2

vulnerability	VCID-pj6w-rufw-nqgd

vulnerability	VCID-vp4q-81cq-33cw

vulnerability	VCID-vs6q-c4ug-xfer

vulnerability	VCID-wsvw-6tmk-3kdj

vulnerability	VCID-zpq1-dwvf-8ka2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.28.3-1%3Fdistro=trixie

url pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1?distro=trixie

purl pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4sbv-dqyv-6baw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/mbedtls@3.6.5-0.1?distro=trixie

purl pkg:deb/debian/mbedtls@3.6.5-0.1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4sbv-dqyv-6baw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@3.6.5-0.1%3Fdistro=trixie

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45159

reference_id

reference_type

scores

value	0.00575
scoring_system	epss
scoring_elements	0.68835
published_at	2026-04-24T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68799
published_at	2026-04-11T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68785
published_at	2026-04-12T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68756
published_at	2026-04-13T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68797
published_at	2026-04-16T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68808
published_at	2026-04-18T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68786
published_at	2026-04-21T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68708
published_at	2026-04-02T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68727
published_at	2026-04-04T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68705
published_at	2026-04-07T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68757
published_at	2026-04-08T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68776
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45159

reference_url

https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-08-3/

reference_id

mbedtls-security-advisory-2024-08-3

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-03T18:17:13Z/

url

https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-08-3/

reference_url

https://github.com/Mbed-TLS/mbedtls/releases/

reference_id

releases

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-03T18:17:13Z/

url

https://github.com/Mbed-TLS/mbedtls/releases/

reference_url

https://mbed-tls.readthedocs.io/en/latest/security-advisories/

reference_id

security-advisories

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-03T18:17:13Z/

url

https://mbed-tls.readthedocs.io/en/latest/security-advisories/

Weaknesses

Exploits

Severity_range_score 9.8 - 9.8

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mxn3-8deq-t3a1

Vulnerability Instance