Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-zn42-jhqr-tfbe
Summaryprivate key recovery
Aliases
0
alias CVE-2020-16150
Fixed_packages
0
url pkg:alpm/archlinux/mbedtls@2.25.0-1
purl pkg:alpm/archlinux/mbedtls@2.25.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-c7t5-rbve-6bgt
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/mbedtls@2.25.0-1
1
url pkg:deb/debian/mbedtls@2.16.9-0.1
purl pkg:deb/debian/mbedtls@2.16.9-0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7655-p24c-v7ak
1
vulnerability VCID-q3se-s58t-6bdv
2
vulnerability VCID-v9te-tafp-pqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.16.9-0.1
2
url pkg:deb/debian/mbedtls@2.16.9-0.1?distro=trixie
purl pkg:deb/debian/mbedtls@2.16.9-0.1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-265v-f4ma-4ybd
1
vulnerability VCID-392b-r35g-3qhw
2
vulnerability VCID-3jvp-8g4k-f3c2
3
vulnerability VCID-4tsc-je5d-hyf2
4
vulnerability VCID-6dg1-nr43-fbbv
5
vulnerability VCID-75te-t4yb-ebdg
6
vulnerability VCID-7655-p24c-v7ak
7
vulnerability VCID-eehk-bs4w-zkdg
8
vulnerability VCID-jk8q-h7dr-hyfp
9
vulnerability VCID-mftc-t2nk-buez
10
vulnerability VCID-q3se-s58t-6bdv
11
vulnerability VCID-v9te-tafp-pqg8
12
vulnerability VCID-vuk1-r6ye-efe2
13
vulnerability VCID-w25y-8pgg-xya1
14
vulnerability VCID-zx4b-1akw-pkdr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.16.9-0.1%3Fdistro=trixie
3
url pkg:deb/debian/mbedtls@2.28.3-1?distro=trixie
purl pkg:deb/debian/mbedtls@2.28.3-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-265v-f4ma-4ybd
1
vulnerability VCID-2knz-4np2-zqgt
2
vulnerability VCID-334y-58us-d7cg
3
vulnerability VCID-392b-r35g-3qhw
4
vulnerability VCID-3jvp-8g4k-f3c2
5
vulnerability VCID-4tsc-je5d-hyf2
6
vulnerability VCID-6dg1-nr43-fbbv
7
vulnerability VCID-75te-t4yb-ebdg
8
vulnerability VCID-7655-p24c-v7ak
9
vulnerability VCID-a267-c94c-y7e3
10
vulnerability VCID-ar63-j56b-23hq
11
vulnerability VCID-aubj-ve16-3qet
12
vulnerability VCID-cv4h-5b8j-buau
13
vulnerability VCID-eehk-bs4w-zkdg
14
vulnerability VCID-emw2-7ad4-9bcm
15
vulnerability VCID-jk8q-h7dr-hyfp
16
vulnerability VCID-mbwm-x4td-5uha
17
vulnerability VCID-q3se-s58t-6bdv
18
vulnerability VCID-smuy-m4tp-7ud2
19
vulnerability VCID-v9te-tafp-pqg8
20
vulnerability VCID-vuk1-r6ye-efe2
21
vulnerability VCID-w25y-8pgg-xya1
22
vulnerability VCID-zx4b-1akw-pkdr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.28.3-1%3Fdistro=trixie
4
url pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1?distro=trixie
purl pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-392b-r35g-3qhw
1
vulnerability VCID-4tsc-je5d-hyf2
2
vulnerability VCID-7655-p24c-v7ak
3
vulnerability VCID-77m6-wyh3-rbe3
4
vulnerability VCID-ar63-j56b-23hq
5
vulnerability VCID-aubj-ve16-3qet
6
vulnerability VCID-mbwm-x4td-5uha
7
vulnerability VCID-q3se-s58t-6bdv
8
vulnerability VCID-w25y-8pgg-xya1
9
vulnerability VCID-zx4b-1akw-pkdr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1%3Fdistro=trixie
5
url pkg:deb/debian/mbedtls@3.6.6-0.1?distro=trixie
purl pkg:deb/debian/mbedtls@3.6.6-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@3.6.6-0.1%3Fdistro=trixie
6
url pkg:ebuild/net-libs/mbedtls@2.28.1
purl pkg:ebuild/net-libs/mbedtls@2.28.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1
Affected_packages
0
url pkg:alpm/archlinux/mbedtls@2.16.7-1
purl pkg:alpm/archlinux/mbedtls@2.16.7-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zn42-jhqr-tfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/mbedtls@2.16.7-1
1
url pkg:conan/mbedtls@2.8.0
purl pkg:conan/mbedtls@2.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zn42-jhqr-tfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/mbedtls@2.8.0
2
url pkg:conan/mbedtls@2.17.0
purl pkg:conan/mbedtls@2.17.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zn42-jhqr-tfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/mbedtls@2.17.0
3
url pkg:deb/debian/mbedtls@2.4.2-1%2Bdeb9u1~bpo8%2B1
purl pkg:deb/debian/mbedtls@2.4.2-1%2Bdeb9u1~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p162-tw8z-yfdx
1
vulnerability VCID-q4fa-4qre-mbam
2
vulnerability VCID-wx8q-caff-8ud1
3
vulnerability VCID-xbug-nn1y-sygc
4
vulnerability VCID-zn42-jhqr-tfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.4.2-1%252Bdeb9u1~bpo8%252B1
4
url pkg:deb/debian/mbedtls@2.4.2-1%2Bdeb9u3
purl pkg:deb/debian/mbedtls@2.4.2-1%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p162-tw8z-yfdx
1
vulnerability VCID-q4fa-4qre-mbam
2
vulnerability VCID-wx8q-caff-8ud1
3
vulnerability VCID-xbug-nn1y-sygc
4
vulnerability VCID-zn42-jhqr-tfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.4.2-1%252Bdeb9u3
5
url pkg:deb/debian/mbedtls@2.16.0-1
purl pkg:deb/debian/mbedtls@2.16.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wx8q-caff-8ud1
1
vulnerability VCID-zn42-jhqr-tfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.16.0-1
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-16150
reference_id
reference_type
scores
0
value 0.00077
scoring_system epss
scoring_elements 0.23004
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-16150
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16150
2
reference_url https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
reference_id
reference_type
scores
url https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972806
reference_id 972806
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972806
4
reference_url https://security.archlinux.org/ASA-202101-7
reference_id ASA-202101-7
reference_type
scores
url https://security.archlinux.org/ASA-202101-7
5
reference_url https://security.archlinux.org/AVG-1386
reference_id AVG-1386
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1386
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-16150
reference_id CVE-2020-16150
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2020-16150
7
reference_url https://security.gentoo.org/glsa/202301-08
reference_id GLSA-202301-08
reference_type
scores
url https://security.gentoo.org/glsa/202301-08
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 203
name Observable Discrepancy
description The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-zn42-jhqr-tfbe