Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-jhx8-7x7y-z7cv
Summary
Improper Handling of Exceptional Conditions
simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages.
Aliases
0
alias CVE-2011-4625
1
alias GHSA-5fj7-f8x3-q2mc
Fixed_packages
0
url pkg:deb/debian/simplesamlphp@1.8.1-1?distro=sid
purl pkg:deb/debian/simplesamlphp@1.8.1-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/simplesamlphp@1.8.1-1%3Fdistro=sid
1
url pkg:deb/debian/simplesamlphp@1.9.2-1
purl pkg:deb/debian/simplesamlphp@1.9.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-139j-7afy-wyf1
1
vulnerability VCID-2cd3-p3xz-k3hx
2
vulnerability VCID-4gux-4jrc-w7ce
3
vulnerability VCID-6c55-4pyx-ckbx
4
vulnerability VCID-8b8r-g7e2-qfb2
5
vulnerability VCID-amz8-zhqx-p3c5
6
vulnerability VCID-b3fn-bnh5-qyg4
7
vulnerability VCID-d1d1-jng1-4fe6
8
vulnerability VCID-dggq-bf45-aqga
9
vulnerability VCID-dgs2-3xbu-c3ff
10
vulnerability VCID-dvwj-zd42-nbhe
11
vulnerability VCID-gwtm-bdae-3ufj
12
vulnerability VCID-jv7n-m3cf-jfex
13
vulnerability VCID-k5d6-k216-8ub8
14
vulnerability VCID-ma9b-k5br-ffhd
15
vulnerability VCID-mfwu-mfhq-fkh8
16
vulnerability VCID-pskx-9d46-bfdt
17
vulnerability VCID-ucwf-xdma-h7fc
18
vulnerability VCID-va8h-3qxg-uqh2
19
vulnerability VCID-wbt9-snjj-uuea
20
vulnerability VCID-xx6m-pvgs-puga
21
vulnerability VCID-yn8q-d76k-q3h2
22
vulnerability VCID-ywuy-my3f-x7cd
23
vulnerability VCID-zemd-kbb3-s3cr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/simplesamlphp@1.9.2-1
2
url pkg:deb/debian/simplesamlphp@1.19.0-1?distro=sid
purl pkg:deb/debian/simplesamlphp@1.19.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/simplesamlphp@1.19.0-1%3Fdistro=sid
3
url pkg:deb/debian/simplesamlphp@1.19.7-1%2Bdeb12u2?distro=sid
purl pkg:deb/debian/simplesamlphp@1.19.7-1%2Bdeb12u2?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/simplesamlphp@1.19.7-1%252Bdeb12u2%3Fdistro=sid
4
url pkg:deb/debian/simplesamlphp@1.19.7-2?distro=sid
purl pkg:deb/debian/simplesamlphp@1.19.7-2?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/simplesamlphp@1.19.7-2%3Fdistro=sid
Affected_packages
0
url pkg:deb/debian/simplesamlphp@1.6.3-3
purl pkg:deb/debian/simplesamlphp@1.6.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-139j-7afy-wyf1
1
vulnerability VCID-2cd3-p3xz-k3hx
2
vulnerability VCID-4gux-4jrc-w7ce
3
vulnerability VCID-6c55-4pyx-ckbx
4
vulnerability VCID-8b8r-g7e2-qfb2
5
vulnerability VCID-amz8-zhqx-p3c5
6
vulnerability VCID-b3fn-bnh5-qyg4
7
vulnerability VCID-d1d1-jng1-4fe6
8
vulnerability VCID-dggq-bf45-aqga
9
vulnerability VCID-dgs2-3xbu-c3ff
10
vulnerability VCID-dvwj-zd42-nbhe
11
vulnerability VCID-ew79-5kez-abdt
12
vulnerability VCID-gwtm-bdae-3ufj
13
vulnerability VCID-jhx8-7x7y-z7cv
14
vulnerability VCID-jv7n-m3cf-jfex
15
vulnerability VCID-k5d6-k216-8ub8
16
vulnerability VCID-ma9b-k5br-ffhd
17
vulnerability VCID-mfwu-mfhq-fkh8
18
vulnerability VCID-pskx-9d46-bfdt
19
vulnerability VCID-ucwf-xdma-h7fc
20
vulnerability VCID-va8h-3qxg-uqh2
21
vulnerability VCID-wbt9-snjj-uuea
22
vulnerability VCID-xhg6-p2ka-nfe9
23
vulnerability VCID-xx6m-pvgs-puga
24
vulnerability VCID-yn8q-d76k-q3h2
25
vulnerability VCID-ywuy-my3f-x7cd
26
vulnerability VCID-zemd-kbb3-s3cr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/simplesamlphp@1.6.3-3
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4625
reference_id
reference_type
scores
0
value 0.00274
scoring_system epss
scoring_elements 0.50957
published_at 2026-06-08T12:55:00Z
1
value 0.00274
scoring_system epss
scoring_elements 0.50987
published_at 2026-06-07T12:55:00Z
2
value 0.00274
scoring_system epss
scoring_elements 0.50941
published_at 2026-06-04T12:55:00Z
3
value 0.00274
scoring_system epss
scoring_elements 0.51008
published_at 2026-06-06T12:55:00Z
4
value 0.00274
scoring_system epss
scoring_elements 0.51002
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4625
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4625
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4625
2
reference_url https://github.com/simplesamlphp/simplesamlphp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/simplesamlphp/simplesamlphp
3
reference_url https://github.com/simplesamlphp/simplesamlphp/blob/b3059c51a915910c6631fb2ee597c0fb6ad9162b/docs/simplesamlphp-changelog-1.x.md?plain=1#L1624
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/simplesamlphp/simplesamlphp/blob/b3059c51a915910c6631fb2ee597c0fb6ad9162b/docs/simplesamlphp-changelog-1.x.md?plain=1#L1624
4
reference_url https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202330-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202330-1
5
reference_url https://www.mageni.net/vulnerability/debian-security-advisory-dsa-2330-1-simplesamlphp-70545
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.mageni.net/vulnerability/debian-security-advisory-dsa-2330-1-simplesamlphp-70545
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4625
reference_id CVE-2011-4625
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-4625
7
reference_url https://security-tracker.debian.org/tracker/CVE-2011-4625
reference_id CVE-2011-4625
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2011-4625
8
reference_url https://github.com/advisories/GHSA-5fj7-f8x3-q2mc
reference_id GHSA-5fj7-f8x3-q2mc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5fj7-f8x3-q2mc
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 755
name Improper Handling of Exceptional Conditions
description The product does not handle or incorrectly handles an exceptional condition.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-jhx8-7x7y-z7cv