Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-wm39-aehq-cyfb
Summaryvarnish: remote clients may cause Varnish to assert and restart which could result in DoS
Aliases
0
alias CVE-2020-11653
Fixed_packages
0
url pkg:deb/debian/varnish@6.4.0-1?distro=trixie
purl pkg:deb/debian/varnish@6.4.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.4.0-1%3Fdistro=trixie
1
url pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
purl pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-pww8-5fsd-1kcz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.5.1-1%252Bdeb11u3
2
url pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.5.1-1%252Bdeb11u3%3Fdistro=trixie
3
url pkg:deb/debian/varnish@7.1.1-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/varnish@7.1.1-2%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@7.1.1-2%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/varnish@7.7.0-3?distro=trixie
purl pkg:deb/debian/varnish@7.7.0-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cmeu-b3fh-hkaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@7.7.0-3%3Fdistro=trixie
5
url pkg:deb/debian/varnish@7.7.3-2?distro=trixie
purl pkg:deb/debian/varnish@7.7.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@7.7.3-2%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/varnish@1.0.2-2
purl pkg:deb/debian/varnish@1.0.2-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-fgjt-z1kd-nbct
2
vulnerability VCID-hery-ps62-9kf5
3
vulnerability VCID-hpb7-1n1t-n3em
4
vulnerability VCID-j1qj-kj7k-v7fx
5
vulnerability VCID-mbcb-cn8g-zfgw
6
vulnerability VCID-nrzf-yt7d-x7dh
7
vulnerability VCID-ntj2-zryg-tubp
8
vulnerability VCID-pww8-5fsd-1kcz
9
vulnerability VCID-r7t1-a958-d7dg
10
vulnerability VCID-rn5t-3pup-kbbv
11
vulnerability VCID-tnwn-h2wc-q7c4
12
vulnerability VCID-wm39-aehq-cyfb
13
vulnerability VCID-z4zn-dpfs-j7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@1.0.2-2
1
url pkg:deb/debian/varnish@1.1.2
purl pkg:deb/debian/varnish@1.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-fgjt-z1kd-nbct
2
vulnerability VCID-hery-ps62-9kf5
3
vulnerability VCID-hpb7-1n1t-n3em
4
vulnerability VCID-j1qj-kj7k-v7fx
5
vulnerability VCID-mbcb-cn8g-zfgw
6
vulnerability VCID-nrzf-yt7d-x7dh
7
vulnerability VCID-ntj2-zryg-tubp
8
vulnerability VCID-pww8-5fsd-1kcz
9
vulnerability VCID-r7t1-a958-d7dg
10
vulnerability VCID-rn5t-3pup-kbbv
11
vulnerability VCID-tnwn-h2wc-q7c4
12
vulnerability VCID-wm39-aehq-cyfb
13
vulnerability VCID-z4zn-dpfs-j7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@1.1.2
2
url pkg:deb/debian/varnish@2.1.3-8%2Bdeb6u2
purl pkg:deb/debian/varnish@2.1.3-8%2Bdeb6u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-fgjt-z1kd-nbct
2
vulnerability VCID-hery-ps62-9kf5
3
vulnerability VCID-hpb7-1n1t-n3em
4
vulnerability VCID-j1qj-kj7k-v7fx
5
vulnerability VCID-mbcb-cn8g-zfgw
6
vulnerability VCID-ntj2-zryg-tubp
7
vulnerability VCID-pww8-5fsd-1kcz
8
vulnerability VCID-r7t1-a958-d7dg
9
vulnerability VCID-rn5t-3pup-kbbv
10
vulnerability VCID-tnwn-h2wc-q7c4
11
vulnerability VCID-wm39-aehq-cyfb
12
vulnerability VCID-z4zn-dpfs-j7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@2.1.3-8%252Bdeb6u2
3
url pkg:deb/debian/varnish@3.0.2-2%2Bdeb7u2
purl pkg:deb/debian/varnish@3.0.2-2%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-fgjt-z1kd-nbct
2
vulnerability VCID-hery-ps62-9kf5
3
vulnerability VCID-hpb7-1n1t-n3em
4
vulnerability VCID-j1qj-kj7k-v7fx
5
vulnerability VCID-mbcb-cn8g-zfgw
6
vulnerability VCID-ntj2-zryg-tubp
7
vulnerability VCID-pww8-5fsd-1kcz
8
vulnerability VCID-r7t1-a958-d7dg
9
vulnerability VCID-rn5t-3pup-kbbv
10
vulnerability VCID-tnwn-h2wc-q7c4
11
vulnerability VCID-wm39-aehq-cyfb
12
vulnerability VCID-z4zn-dpfs-j7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@3.0.2-2%252Bdeb7u2
4
url pkg:deb/debian/varnish@4.0.2-1
purl pkg:deb/debian/varnish@4.0.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-hery-ps62-9kf5
2
vulnerability VCID-hpb7-1n1t-n3em
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-mbcb-cn8g-zfgw
5
vulnerability VCID-pww8-5fsd-1kcz
6
vulnerability VCID-r7t1-a958-d7dg
7
vulnerability VCID-rn5t-3pup-kbbv
8
vulnerability VCID-tnwn-h2wc-q7c4
9
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@4.0.2-1
5
url pkg:deb/debian/varnish@4.0.2-1%2Bdeb8u1
purl pkg:deb/debian/varnish@4.0.2-1%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-hery-ps62-9kf5
2
vulnerability VCID-hpb7-1n1t-n3em
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-mbcb-cn8g-zfgw
5
vulnerability VCID-pww8-5fsd-1kcz
6
vulnerability VCID-r7t1-a958-d7dg
7
vulnerability VCID-rn5t-3pup-kbbv
8
vulnerability VCID-tnwn-h2wc-q7c4
9
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@4.0.2-1%252Bdeb8u1
6
url pkg:deb/debian/varnish@5.0.0-7%2Bdeb9u2
purl pkg:deb/debian/varnish@5.0.0-7%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-hery-ps62-9kf5
2
vulnerability VCID-hpb7-1n1t-n3em
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-mbcb-cn8g-zfgw
5
vulnerability VCID-pww8-5fsd-1kcz
6
vulnerability VCID-r7t1-a958-d7dg
7
vulnerability VCID-rn5t-3pup-kbbv
8
vulnerability VCID-tnwn-h2wc-q7c4
9
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@5.0.0-7%252Bdeb9u2
7
url pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
purl pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hery-ps62-9kf5
1
vulnerability VCID-hpb7-1n1t-n3em
2
vulnerability VCID-j1qj-kj7k-v7fx
3
vulnerability VCID-mbcb-cn8g-zfgw
4
vulnerability VCID-pww8-5fsd-1kcz
5
vulnerability VCID-r7t1-a958-d7dg
6
vulnerability VCID-rn5t-3pup-kbbv
7
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.1.1-1%252Bdeb10u3
References
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00026.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00026.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00031.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00031.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11653.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11653.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11653
reference_id
reference_type
scores
0
value 0.0126
scoring_system epss
scoring_elements 0.79358
published_at 2026-04-01T12:55:00Z
1
value 0.0126
scoring_system epss
scoring_elements 0.79438
published_at 2026-04-21T12:55:00Z
2
value 0.0126
scoring_system epss
scoring_elements 0.79436
published_at 2026-04-16T12:55:00Z
3
value 0.0126
scoring_system epss
scoring_elements 0.79435
published_at 2026-04-18T12:55:00Z
4
value 0.0126
scoring_system epss
scoring_elements 0.79364
published_at 2026-04-02T12:55:00Z
5
value 0.0126
scoring_system epss
scoring_elements 0.79387
published_at 2026-04-04T12:55:00Z
6
value 0.0126
scoring_system epss
scoring_elements 0.79373
published_at 2026-04-07T12:55:00Z
7
value 0.0126
scoring_system epss
scoring_elements 0.794
published_at 2026-04-08T12:55:00Z
8
value 0.0126
scoring_system epss
scoring_elements 0.79409
published_at 2026-04-09T12:55:00Z
9
value 0.0126
scoring_system epss
scoring_elements 0.79433
published_at 2026-04-11T12:55:00Z
10
value 0.0126
scoring_system epss
scoring_elements 0.79416
published_at 2026-04-12T12:55:00Z
11
value 0.0126
scoring_system epss
scoring_elements 0.79405
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11653
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11653
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11653
5
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00036.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2022/11/msg00036.html
6
reference_url https://varnish-cache.org/security/VSV00005.html#vsv00005
reference_id
reference_type
scores
url https://varnish-cache.org/security/VSV00005.html#vsv00005
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1813867
reference_id 1813867
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1813867
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956307
reference_id 956307
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956307
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-cache:varnish_cache:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:varnish-cache:varnish_cache:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-cache:varnish_cache:*:*:*:*:-:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11653
reference_id CVE-2020-11653
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2020-11653
15
reference_url https://access.redhat.com/errata/RHSA-2020:4756
reference_id RHSA-2020:4756
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4756
16
reference_url https://usn.ubuntu.com/5474-1/
reference_id USN-5474-1
reference_type
scores
url https://usn.ubuntu.com/5474-1/
17
reference_url https://usn.ubuntu.com/5474-2/
reference_id USN-5474-2
reference_type
scores
url https://usn.ubuntu.com/5474-2/
Weaknesses
0
cwe_id 400
name Uncontrolled Resource Consumption
description The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
1
cwe_id 617
name Reachable Assertion
description The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
Exploits
Severity_range_score5.0 - 7.5
Exploitability0.5
Weighted_severity6.8
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-wm39-aehq-cyfb