Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ayrd-g1eb-h3dt
SummaryOpenVPN: OpenVPN: Local denial of service vulnerability in interactive service agent
Aliases
0
alias CVE-2025-13751
Fixed_packages
0
url pkg:apk/alpine/openvpn@0?arch=loongarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/openvpn@0?arch=loongarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@0%3Farch=loongarch64&distroversion=edge&reponame=main
1
url pkg:apk/alpine/openvpn@0?arch=armhf&distroversion=edge&reponame=main
purl pkg:apk/alpine/openvpn@0?arch=armhf&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@0%3Farch=armhf&distroversion=edge&reponame=main
2
url pkg:apk/alpine/openvpn@0?arch=aarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/openvpn@0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@0%3Farch=aarch64&distroversion=edge&reponame=main
3
url pkg:apk/alpine/openvpn@0?arch=armv7&distroversion=edge&reponame=main
purl pkg:apk/alpine/openvpn@0?arch=armv7&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@0%3Farch=armv7&distroversion=edge&reponame=main
4
url pkg:apk/alpine/openvpn@0?arch=ppc64le&distroversion=edge&reponame=main
purl pkg:apk/alpine/openvpn@0?arch=ppc64le&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@0%3Farch=ppc64le&distroversion=edge&reponame=main
5
url pkg:apk/alpine/openvpn@0?arch=riscv64&distroversion=edge&reponame=main
purl pkg:apk/alpine/openvpn@0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@0%3Farch=riscv64&distroversion=edge&reponame=main
6
url pkg:apk/alpine/openvpn@0?arch=s390x&distroversion=edge&reponame=main
purl pkg:apk/alpine/openvpn@0?arch=s390x&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@0%3Farch=s390x&distroversion=edge&reponame=main
7
url pkg:apk/alpine/openvpn@0?arch=x86&distroversion=edge&reponame=main
purl pkg:apk/alpine/openvpn@0?arch=x86&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@0%3Farch=x86&distroversion=edge&reponame=main
8
url pkg:apk/alpine/openvpn@0?arch=x86_64&distroversion=edge&reponame=main
purl pkg:apk/alpine/openvpn@0?arch=x86_64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openvpn@0%3Farch=x86_64&distroversion=edge&reponame=main
9
url pkg:deb/debian/openvpn@0?distro=trixie
purl pkg:deb/debian/openvpn@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie
10
url pkg:deb/debian/openvpn@2.5.1-3?distro=trixie
purl pkg:deb/debian/openvpn@2.5.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie
11
url pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie
12
url pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie
13
url pkg:deb/debian/openvpn@2.7.0-1?distro=trixie
purl pkg:deb/debian/openvpn@2.7.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie
14
url pkg:deb/debian/openvpn@2.7.1-1?distro=trixie
purl pkg:deb/debian/openvpn@2.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13751.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13751.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-13751
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.0369
published_at 2026-04-02T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.10768
published_at 2026-04-18T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.10891
published_at 2026-04-08T12:55:00Z
3
value 0.00037
scoring_system epss
scoring_elements 0.10944
published_at 2026-04-09T12:55:00Z
4
value 0.00037
scoring_system epss
scoring_elements 0.10946
published_at 2026-04-11T12:55:00Z
5
value 0.00037
scoring_system epss
scoring_elements 0.10913
published_at 2026-04-12T12:55:00Z
6
value 0.00037
scoring_system epss
scoring_elements 0.1089
published_at 2026-04-13T12:55:00Z
7
value 0.00037
scoring_system epss
scoring_elements 0.10755
published_at 2026-04-16T12:55:00Z
8
value 0.00037
scoring_system epss
scoring_elements 0.1099
published_at 2026-04-04T12:55:00Z
9
value 0.00037
scoring_system epss
scoring_elements 0.10815
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-13751
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418624
reference_id 2418624
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2418624
3
reference_url https://community.openvpn.net/Security%20Announcements/CVE-2025-13751
reference_id CVE-2025-13751
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Clear
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T16:32:17Z/
url https://community.openvpn.net/Security%20Announcements/CVE-2025-13751
4
reference_url https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00153.html
reference_id msg00153.html
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Clear
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T16:32:17Z/
url https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00153.html
5
reference_url https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00154.html
reference_id msg00154.html
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Clear
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T16:32:17Z/
url https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00154.html
Weaknesses
0
cwe_id 770
name Allocation of Resources Without Limits or Throttling
description The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
1
cwe_id 775
name Missing Release of File Descriptor or Handle after Effective Lifetime
description The product does not release a file descriptor or handle after its effective lifetime has ended, i.e., after the file descriptor/handle is no longer needed.
2
cwe_id 841
name Improper Enforcement of Behavioral Workflow
description The product supports a session in which more than one behavior must be performed by an actor, but it does not properly ensure that the actor performs the behaviors in the required sequence.
Exploits
Severity_range_score1.3 - 5.5
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ayrd-g1eb-h3dt