Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-n34c-71wq-s3e4
Summary
x/crypto/ssh vulnerable to panic via malformed packets
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an unauthenticated attacker to panic an SSH server. When using AES-GCM or ChaCha20Poly1305, consuming a malformed packet which contains an empty plaintext causes a panic.
Aliases
0
alias CVE-2021-43565
1
alias GHSA-gwc9-m7rh-j2ww
Fixed_packages
0
url pkg:deb/debian/golang-go.crypto@1:0.0~git20211202.5770296-1?distro=trixie
purl pkg:deb/debian/golang-go.crypto@1:0.0~git20211202.5770296-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.0~git20211202.5770296-1%3Fdistro=trixie
1
url pkg:deb/debian/golang-go.crypto@1:0.4.0-1?distro=trixie
purl pkg:deb/debian/golang-go.crypto@1:0.4.0-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cmts-6kz4-zkh8
1
vulnerability VCID-hu5a-ewvg-6ya7
2
vulnerability VCID-jwxs-gteb-kfg5
3
vulnerability VCID-jzn6-bzzf-nugp
4
vulnerability VCID-mn45-w3s3-syej
5
vulnerability VCID-sty6-gwh1-hbcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.4.0-1%3Fdistro=trixie
2
url pkg:deb/debian/golang-go.crypto@1:0.4.0-1
purl pkg:deb/debian/golang-go.crypto@1:0.4.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cmts-6kz4-zkh8
1
vulnerability VCID-hu5a-ewvg-6ya7
2
vulnerability VCID-jwxs-gteb-kfg5
3
vulnerability VCID-jzn6-bzzf-nugp
4
vulnerability VCID-mn45-w3s3-syej
5
vulnerability VCID-sty6-gwh1-hbcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.4.0-1
3
url pkg:deb/debian/golang-go.crypto@1:0.25.0-1?distro=trixie
purl pkg:deb/debian/golang-go.crypto@1:0.25.0-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cmts-6kz4-zkh8
1
vulnerability VCID-hu5a-ewvg-6ya7
2
vulnerability VCID-jwxs-gteb-kfg5
3
vulnerability VCID-mn45-w3s3-syej
4
vulnerability VCID-sty6-gwh1-hbcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.25.0-1%3Fdistro=trixie
4
url pkg:deb/debian/golang-go.crypto@1:0.47.0-1?distro=trixie
purl pkg:deb/debian/golang-go.crypto@1:0.47.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.47.0-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/golang-go.crypto@1:0.0~git20201221.eec23a3-1
purl pkg:deb/debian/golang-go.crypto@1:0.0~git20201221.eec23a3-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1n1h-e2p4-9yhs
1
vulnerability VCID-cmts-6kz4-zkh8
2
vulnerability VCID-et4d-ak3r-1bfa
3
vulnerability VCID-hu5a-ewvg-6ya7
4
vulnerability VCID-jwxs-gteb-kfg5
5
vulnerability VCID-jzn6-bzzf-nugp
6
vulnerability VCID-mn45-w3s3-syej
7
vulnerability VCID-n34c-71wq-s3e4
8
vulnerability VCID-sty6-gwh1-hbcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.0~git20201221.eec23a3-1
1
url pkg:deb/debian/golang-go.crypto@1:0.0~git20201221.eec23a3-1?distro=trixie
purl pkg:deb/debian/golang-go.crypto@1:0.0~git20201221.eec23a3-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1n1h-e2p4-9yhs
1
vulnerability VCID-cmts-6kz4-zkh8
2
vulnerability VCID-et4d-ak3r-1bfa
3
vulnerability VCID-hu5a-ewvg-6ya7
4
vulnerability VCID-jwxs-gteb-kfg5
5
vulnerability VCID-jzn6-bzzf-nugp
6
vulnerability VCID-mn45-w3s3-syej
7
vulnerability VCID-n34c-71wq-s3e4
8
vulnerability VCID-sty6-gwh1-hbcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.0~git20201221.eec23a3-1%3Fdistro=trixie
2
url pkg:rpm/redhat/cri-o@1.24.1-11.rhaos4.11.gitb0d2ef3?arch=el8
purl pkg:rpm/redhat/cri-o@1.24.1-11.rhaos4.11.gitb0d2ef3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1n1h-e2p4-9yhs
1
vulnerability VCID-n34c-71wq-s3e4
2
vulnerability VCID-ps89-8u5a-kfc8
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cri-o@1.24.1-11.rhaos4.11.gitb0d2ef3%3Farch=el8
3
url pkg:rpm/redhat/kiali@1.24.7.redhat1-1?arch=el8
purl pkg:rpm/redhat/kiali@1.24.7.redhat1-1?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-63v8-dt23-9ue7
1
vulnerability VCID-n34c-71wq-s3e4
2
vulnerability VCID-n89f-3nkb-ebg3
3
vulnerability VCID-p2h1-hg14-3ke9
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kiali@1.24.7.redhat1-1%3Farch=el8
4
url pkg:rpm/redhat/mcg@5.10.0-72?arch=el8
purl pkg:rpm/redhat/mcg@5.10.0-72?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zj9-xmsh-xbcn
1
vulnerability VCID-n34c-71wq-s3e4
2
vulnerability VCID-qn4v-xah4-fya7
3
vulnerability VCID-w53f-uad6-gqdn
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mcg@5.10.0-72%3Farch=el8
5
url pkg:rpm/redhat/openshift@4.11.0-202207082037.p0.g9546431.assembly.stream?arch=el8
purl pkg:rpm/redhat/openshift@4.11.0-202207082037.p0.g9546431.assembly.stream?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n34c-71wq-s3e4
1
vulnerability VCID-ps89-8u5a-kfc8
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift@4.11.0-202207082037.p0.g9546431.assembly.stream%3Farch=el8
6
url pkg:rpm/redhat/podman@2:4.0.2-6.rhaos4.11?arch=el8
purl pkg:rpm/redhat/podman@2:4.0.2-6.rhaos4.11?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4pue-fbre-zfcf
1
vulnerability VCID-n34c-71wq-s3e4
2
vulnerability VCID-ps89-8u5a-kfc8
3
vulnerability VCID-z5x6-xqtc-q3at
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@2:4.0.2-6.rhaos4.11%3Farch=el8
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43565.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43565.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-43565
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03272
published_at 2026-04-21T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03161
published_at 2026-04-01T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03218
published_at 2026-04-11T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03227
published_at 2026-04-04T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03233
published_at 2026-04-07T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.0324
published_at 2026-04-08T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03261
published_at 2026-04-09T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03191
published_at 2026-04-12T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.0317
published_at 2026-04-13T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03142
published_at 2026-04-16T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03153
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-43565
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43565
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://go.dev/cl/368814
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/368814
5
reference_url https://go.dev/issues/49932
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/issues/49932
6
reference_url https://groups.google.com/forum/#!forum/golang-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/golang-announce
7
reference_url https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-43565
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-43565
9
reference_url https://pkg.go.dev/vuln/GO-2022-0968
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2022-0968
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2030787
reference_id 2030787
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2030787
11
reference_url https://access.redhat.com/errata/RHSA-2022:1276
reference_id RHSA-2022:1276
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1276
12
reference_url https://access.redhat.com/errata/RHSA-2022:1361
reference_id RHSA-2022:1361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1361
13
reference_url https://access.redhat.com/errata/RHSA-2022:1372
reference_id RHSA-2022:1372
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1372
14
reference_url https://access.redhat.com/errata/RHSA-2022:5068
reference_id RHSA-2022:5068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5068
15
reference_url https://access.redhat.com/errata/RHSA-2022:5069
reference_id RHSA-2022:5069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5069
16
reference_url https://access.redhat.com/errata/RHSA-2022:5188
reference_id RHSA-2022:5188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5188
17
reference_url https://access.redhat.com/errata/RHSA-2022:5673
reference_id RHSA-2022:5673
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5673
18
reference_url https://access.redhat.com/errata/RHSA-2022:8938
reference_id RHSA-2022:8938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8938
19
reference_url https://access.redhat.com/errata/RHSA-2024:2944
reference_id RHSA-2024:2944
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2944
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-n34c-71wq-s3e4