Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-cgcf-st57-tkd1

Summary Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to reasonable limits. As a workaround, restricting memory usage via OS limits would help against overall machine exhaustion, but there is no workaround to protect Eventlet process.

Aliases

alias	CVE-2021-21419

alias	GHSA-9p9m-jm8w-94p2

alias	PYSEC-2021-12

Fixed_packages

url	pkg:alpm/archlinux/python-eventlet@0.31.0-1
purl	pkg:alpm/archlinux/python-eventlet@0.31.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/python-eventlet@0.31.0-1

url	pkg:deb/debian/python-eventlet@0.26.1-7?distro=trixie
purl	pkg:deb/debian/python-eventlet@0.26.1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.26.1-7%3Fdistro=trixie

url pkg:deb/debian/python-eventlet@0.26.1-7%2Bdeb11u1

purl pkg:deb/debian/python-eventlet@0.26.1-7%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bnye-3p23-zyc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.26.1-7%252Bdeb11u1

url	pkg:deb/debian/python-eventlet@0.26.1-7%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/python-eventlet@0.26.1-7%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.26.1-7%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/python-eventlet@0.33.1-4?distro=trixie

purl pkg:deb/debian/python-eventlet@0.33.1-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bnye-3p23-zyc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.33.1-4%3Fdistro=trixie

url	pkg:deb/debian/python-eventlet@0.39.1-2%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/python-eventlet@0.39.1-2%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.39.1-2%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/python-eventlet@0.40.4-1?distro=trixie
purl	pkg:deb/debian/python-eventlet@0.40.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.40.4-1%3Fdistro=trixie

url pkg:pypi/eventlet@0.31.0

purl pkg:pypi/eventlet@0.31.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.31.0

Affected_packages

url pkg:alpm/archlinux/python-eventlet@0.30.2-1

purl pkg:alpm/archlinux/python-eventlet@0.30.2-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/python-eventlet@0.30.2-1

url pkg:deb/debian/python-eventlet@0.9.16-3

purl pkg:deb/debian/python-eventlet@0.9.16-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.9.16-3

url pkg:deb/debian/python-eventlet@0.13.0-2

purl pkg:deb/debian/python-eventlet@0.13.0-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.13.0-2

url pkg:deb/debian/python-eventlet@0.19.0-6~bpo8%2B1

purl pkg:deb/debian/python-eventlet@0.19.0-6~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.19.0-6~bpo8%252B1

url pkg:deb/debian/python-eventlet@0.19.0-6

purl pkg:deb/debian/python-eventlet@0.19.0-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.19.0-6

url pkg:deb/debian/python-eventlet@0.20.0-6

purl pkg:deb/debian/python-eventlet@0.20.0-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-eventlet@0.20.0-6

url pkg:pypi/eventlet@0.10.0

purl pkg:pypi/eventlet@0.10.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.10.0

url pkg:pypi/eventlet@0.10

purl pkg:pypi/eventlet@0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.10

url pkg:pypi/eventlet@0.11.0

purl pkg:pypi/eventlet@0.11.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.11.0

url pkg:pypi/eventlet@0.12.1

purl pkg:pypi/eventlet@0.12.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.12.1

url pkg:pypi/eventlet@0.13.0

purl pkg:pypi/eventlet@0.13.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.13.0

url pkg:pypi/eventlet@0.14.0

purl pkg:pypi/eventlet@0.14.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.14.0

url pkg:pypi/eventlet@0.15.2

purl pkg:pypi/eventlet@0.15.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.15.2

url pkg:pypi/eventlet@0.16.1

purl pkg:pypi/eventlet@0.16.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.16.1

url pkg:pypi/eventlet@0.17.4

purl pkg:pypi/eventlet@0.17.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.17.4

url pkg:pypi/eventlet@0.18.2

purl pkg:pypi/eventlet@0.18.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.18.2

url pkg:pypi/eventlet@0.18.3

purl pkg:pypi/eventlet@0.18.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.18.3

url pkg:pypi/eventlet@0.18.4

purl pkg:pypi/eventlet@0.18.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.18.4

url pkg:pypi/eventlet@0.19.0

purl pkg:pypi/eventlet@0.19.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.19.0

url pkg:pypi/eventlet@0.20.0

purl pkg:pypi/eventlet@0.20.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.20.0

url pkg:pypi/eventlet@0.20.1

purl pkg:pypi/eventlet@0.20.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.20.1

url pkg:pypi/eventlet@0.21.0

purl pkg:pypi/eventlet@0.21.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.21.0

url pkg:pypi/eventlet@0.22.0

purl pkg:pypi/eventlet@0.22.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.22.0

url pkg:pypi/eventlet@0.22.1

purl pkg:pypi/eventlet@0.22.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.22.1

url pkg:pypi/eventlet@0.23.0

purl pkg:pypi/eventlet@0.23.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.23.0

url pkg:pypi/eventlet@0.24.0

purl pkg:pypi/eventlet@0.24.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.24.0

url pkg:pypi/eventlet@0.24.1

purl pkg:pypi/eventlet@0.24.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.24.1

url pkg:pypi/eventlet@0.25.0

purl pkg:pypi/eventlet@0.25.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.25.0

url pkg:pypi/eventlet@0.25.1

purl pkg:pypi/eventlet@0.25.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.25.1

url pkg:pypi/eventlet@0.25.2

purl pkg:pypi/eventlet@0.25.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.25.2

url pkg:pypi/eventlet@0.26.0

purl pkg:pypi/eventlet@0.26.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.26.0

url pkg:pypi/eventlet@0.26.1

purl pkg:pypi/eventlet@0.26.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.26.1

url pkg:pypi/eventlet@0.27.0

purl pkg:pypi/eventlet@0.27.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.27.0

url pkg:pypi/eventlet@0.28.0

purl pkg:pypi/eventlet@0.28.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.28.0

url pkg:pypi/eventlet@0.28.1

purl pkg:pypi/eventlet@0.28.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.28.1

url pkg:pypi/eventlet@0.29.0

purl pkg:pypi/eventlet@0.29.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.29.0

url pkg:pypi/eventlet@0.29.1

purl pkg:pypi/eventlet@0.29.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.29.1

url pkg:pypi/eventlet@0.30.0

purl pkg:pypi/eventlet@0.30.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.30.0

url pkg:pypi/eventlet@0.30.1

purl pkg:pypi/eventlet@0.30.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.30.1

url pkg:pypi/eventlet@0.30.2

purl pkg:pypi/eventlet@0.30.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.30.2

url pkg:pypi/eventlet@0.30.3

purl pkg:pypi/eventlet@0.30.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7493-kzzq-27dw

vulnerability	VCID-bnye-3p23-zyc9

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/eventlet@0.30.3

url pkg:rpm/redhat/python-eventlet@0.25.2-4?arch=el8

purl pkg:rpm/redhat/python-eventlet@0.25.2-4?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-eventlet@0.25.2-4%3Farch=el8

url pkg:rpm/redhat/python-eventlet@0.25.2-5.el8ost?arch=1

purl pkg:rpm/redhat/python-eventlet@0.25.2-5.el8ost?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cgcf-st57-tkd1

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-eventlet@0.25.2-5.el8ost%3Farch=1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21419.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21419.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-21419

reference_id

reference_type

scores

value	0.00097
scoring_system	epss
scoring_elements	0.26716
published_at	2026-04-18T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26744
published_at	2026-04-16T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26736
published_at	2026-04-13T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26793
published_at	2026-04-12T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26838
published_at	2026-04-11T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26835
published_at	2026-04-09T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26786
published_at	2026-04-08T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26717
published_at	2026-04-07T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26929
published_at	2026-04-04T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26854
published_at	2026-04-01T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26895
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-21419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21419

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/eventlet/eventlet

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/eventlet/eventlet

reference_url

https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07

reference_url

https://github.com/eventlet/eventlet/security/advisories/GHSA-9p9m-jm8w-94p2

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/eventlet/eventlet/security/advisories/GHSA-9p9m-jm8w-94p2

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/eventlet/PYSEC-2021-12.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/eventlet/PYSEC-2021-12.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WJFSBPLCNSZNHYQC4QDRDFRTEZRMD2L

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WJFSBPLCNSZNHYQC4QDRDFRTEZRMD2L

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5JZP4LZOSP7CUAM3GIRW6PIAWKH5VGB

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5JZP4LZOSP7CUAM3GIRW6PIAWKH5VGB

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-21419

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-21419

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1958407
reference_id	1958407
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1958407

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988342
reference_id	988342
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988342

reference_url

https://security.archlinux.org/AVG-1928

reference_id

AVG-1928

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1928

reference_url

https://github.com/advisories/GHSA-9p9m-jm8w-94p2

reference_id

GHSA-9p9m-jm8w-94p2

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9p9m-jm8w-94p2

reference_url	https://access.redhat.com/errata/RHSA-2021:2437
reference_id	RHSA-2021:2437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2437

reference_url	https://access.redhat.com/errata/RHSA-2021:5071
reference_id	RHSA-2021:5071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5071

reference_url	https://usn.ubuntu.com/4956-1/
reference_id	USN-4956-1
reference_type
scores
url	https://usn.ubuntu.com/4956-1/

Weaknesses

cwe_id	400
name	Uncontrolled Resource Consumption
description	The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 7.5

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cgcf-st57-tkd1

Vulnerability Instance