Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-c453-7khw-mub2
SummaryErlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
Aliases
0
alias CVE-2015-2774
Fixed_packages
0
url pkg:deb/debian/erlang@1:17.3-dfsg-4
purl pkg:deb/debian/erlang@1:17.3-dfsg-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-1ge1-3e4a-ebfq
2
vulnerability VCID-5qc5-5xds-bqa9
3
vulnerability VCID-86hm-g3m9-tkft
4
vulnerability VCID-9nt8-a7kg-kfcz
5
vulnerability VCID-c3vm-u9jn-83cs
6
vulnerability VCID-h11x-uyd8-2bd9
7
vulnerability VCID-jg37-ud9r-d3h7
8
vulnerability VCID-jxzt-8wru-6yhk
9
vulnerability VCID-jzn6-bzzf-nugp
10
vulnerability VCID-nqfj-97y5-suar
11
vulnerability VCID-tbwg-7hga-cybn
12
vulnerability VCID-tnt7-d764-13cq
13
vulnerability VCID-vqnt-uyex-87fn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.3-dfsg-4
1
url pkg:deb/debian/erlang@1:17.3-dfsg-4?distro=trixie
purl pkg:deb/debian/erlang@1:17.3-dfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.3-dfsg-4%3Fdistro=trixie
2
url pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28fj-t5hy-x3gn
1
vulnerability VCID-gcn7-ak4r-eba3
2
vulnerability VCID-h1k4-x8vr-5bch
3
vulnerability VCID-j7t3-nrjj-pfgp
4
vulnerability VCID-s9qn-9qdm-j7ej
5
vulnerability VCID-w9yj-xg82-kyac
6
vulnerability VCID-wwcj-hwqc-f3g7
7
vulnerability VCID-xcks-117s-v3dd
8
vulnerability VCID-z6gs-aq96-gkaw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie
3
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3%3Fdistro=trixie
4
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-h1k4-x8vr-5bch
2
vulnerability VCID-j7t3-nrjj-pfgp
3
vulnerability VCID-s9qn-9qdm-j7ej
4
vulnerability VCID-w9yj-xg82-kyac
5
vulnerability VCID-wwcj-hwqc-f3g7
6
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-j7t3-nrjj-pfgp
2
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.9%252Bdfsg-1%3Fdistro=trixie
6
url pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/erlang@49.1-10.1
purl pkg:deb/debian/erlang@49.1-10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-1ge1-3e4a-ebfq
2
vulnerability VCID-5qc5-5xds-bqa9
3
vulnerability VCID-86hm-g3m9-tkft
4
vulnerability VCID-9nt8-a7kg-kfcz
5
vulnerability VCID-c3vm-u9jn-83cs
6
vulnerability VCID-c453-7khw-mub2
7
vulnerability VCID-e1yx-dxa6-1bba
8
vulnerability VCID-h11x-uyd8-2bd9
9
vulnerability VCID-jg37-ud9r-d3h7
10
vulnerability VCID-jxzt-8wru-6yhk
11
vulnerability VCID-jzn6-bzzf-nugp
12
vulnerability VCID-nqfj-97y5-suar
13
vulnerability VCID-tbwg-7hga-cybn
14
vulnerability VCID-tnt7-d764-13cq
15
vulnerability VCID-udvu-fbdt-uygy
16
vulnerability VCID-uj9j-t27c-j3c1
17
vulnerability VCID-vqnt-uyex-87fn
18
vulnerability VCID-xap5-djda-2uem
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@49.1-10.1
1
url pkg:deb/debian/erlang@1:11.b.2-4
purl pkg:deb/debian/erlang@1:11.b.2-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-1ge1-3e4a-ebfq
2
vulnerability VCID-5qc5-5xds-bqa9
3
vulnerability VCID-86hm-g3m9-tkft
4
vulnerability VCID-9nt8-a7kg-kfcz
5
vulnerability VCID-c3vm-u9jn-83cs
6
vulnerability VCID-c453-7khw-mub2
7
vulnerability VCID-e1yx-dxa6-1bba
8
vulnerability VCID-h11x-uyd8-2bd9
9
vulnerability VCID-jg37-ud9r-d3h7
10
vulnerability VCID-jxzt-8wru-6yhk
11
vulnerability VCID-jzn6-bzzf-nugp
12
vulnerability VCID-nqfj-97y5-suar
13
vulnerability VCID-tbwg-7hga-cybn
14
vulnerability VCID-tnt7-d764-13cq
15
vulnerability VCID-udvu-fbdt-uygy
16
vulnerability VCID-uj9j-t27c-j3c1
17
vulnerability VCID-vqnt-uyex-87fn
18
vulnerability VCID-xap5-djda-2uem
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:11.b.2-4
2
url pkg:deb/debian/erlang@1:12.b.3-dfsg-4
purl pkg:deb/debian/erlang@1:12.b.3-dfsg-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-1ge1-3e4a-ebfq
2
vulnerability VCID-5qc5-5xds-bqa9
3
vulnerability VCID-86hm-g3m9-tkft
4
vulnerability VCID-9nt8-a7kg-kfcz
5
vulnerability VCID-c3vm-u9jn-83cs
6
vulnerability VCID-c453-7khw-mub2
7
vulnerability VCID-e1yx-dxa6-1bba
8
vulnerability VCID-h11x-uyd8-2bd9
9
vulnerability VCID-jg37-ud9r-d3h7
10
vulnerability VCID-jxzt-8wru-6yhk
11
vulnerability VCID-jzn6-bzzf-nugp
12
vulnerability VCID-nqfj-97y5-suar
13
vulnerability VCID-tbwg-7hga-cybn
14
vulnerability VCID-tnt7-d764-13cq
15
vulnerability VCID-udvu-fbdt-uygy
16
vulnerability VCID-uj9j-t27c-j3c1
17
vulnerability VCID-vqnt-uyex-87fn
18
vulnerability VCID-xap5-djda-2uem
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:12.b.3-dfsg-4
3
url pkg:deb/debian/erlang@1:14.a-dfsg-3squeeze1
purl pkg:deb/debian/erlang@1:14.a-dfsg-3squeeze1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-1ge1-3e4a-ebfq
2
vulnerability VCID-5qc5-5xds-bqa9
3
vulnerability VCID-86hm-g3m9-tkft
4
vulnerability VCID-9nt8-a7kg-kfcz
5
vulnerability VCID-c3vm-u9jn-83cs
6
vulnerability VCID-c453-7khw-mub2
7
vulnerability VCID-e1yx-dxa6-1bba
8
vulnerability VCID-h11x-uyd8-2bd9
9
vulnerability VCID-jg37-ud9r-d3h7
10
vulnerability VCID-jxzt-8wru-6yhk
11
vulnerability VCID-jzn6-bzzf-nugp
12
vulnerability VCID-nqfj-97y5-suar
13
vulnerability VCID-tbwg-7hga-cybn
14
vulnerability VCID-tnt7-d764-13cq
15
vulnerability VCID-udvu-fbdt-uygy
16
vulnerability VCID-uj9j-t27c-j3c1
17
vulnerability VCID-vqnt-uyex-87fn
18
vulnerability VCID-xap5-djda-2uem
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:14.a-dfsg-3squeeze1
4
url pkg:deb/debian/erlang@1:15.b.1-dfsg-4%2Bdeb7u1
purl pkg:deb/debian/erlang@1:15.b.1-dfsg-4%2Bdeb7u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-1ge1-3e4a-ebfq
2
vulnerability VCID-5qc5-5xds-bqa9
3
vulnerability VCID-86hm-g3m9-tkft
4
vulnerability VCID-9nt8-a7kg-kfcz
5
vulnerability VCID-c3vm-u9jn-83cs
6
vulnerability VCID-c453-7khw-mub2
7
vulnerability VCID-h11x-uyd8-2bd9
8
vulnerability VCID-jg37-ud9r-d3h7
9
vulnerability VCID-jxzt-8wru-6yhk
10
vulnerability VCID-jzn6-bzzf-nugp
11
vulnerability VCID-nqfj-97y5-suar
12
vulnerability VCID-tbwg-7hga-cybn
13
vulnerability VCID-tnt7-d764-13cq
14
vulnerability VCID-uj9j-t27c-j3c1
15
vulnerability VCID-vqnt-uyex-87fn
16
vulnerability VCID-xap5-djda-2uem
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:15.b.1-dfsg-4%252Bdeb7u1
5
url pkg:deb/debian/erlang@1:17.1-dfsg-4~bpo70%2B1
purl pkg:deb/debian/erlang@1:17.1-dfsg-4~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-1ge1-3e4a-ebfq
2
vulnerability VCID-5qc5-5xds-bqa9
3
vulnerability VCID-86hm-g3m9-tkft
4
vulnerability VCID-9nt8-a7kg-kfcz
5
vulnerability VCID-c3vm-u9jn-83cs
6
vulnerability VCID-c453-7khw-mub2
7
vulnerability VCID-h11x-uyd8-2bd9
8
vulnerability VCID-jg37-ud9r-d3h7
9
vulnerability VCID-jxzt-8wru-6yhk
10
vulnerability VCID-jzn6-bzzf-nugp
11
vulnerability VCID-nqfj-97y5-suar
12
vulnerability VCID-tbwg-7hga-cybn
13
vulnerability VCID-tnt7-d764-13cq
14
vulnerability VCID-vqnt-uyex-87fn
15
vulnerability VCID-xap5-djda-2uem
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.1-dfsg-4~bpo70%252B1
6
url pkg:deb/debian/erlang@1:17.3-dfsg-4~bpo70%2B1
purl pkg:deb/debian/erlang@1:17.3-dfsg-4~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-1ge1-3e4a-ebfq
2
vulnerability VCID-5qc5-5xds-bqa9
3
vulnerability VCID-86hm-g3m9-tkft
4
vulnerability VCID-9nt8-a7kg-kfcz
5
vulnerability VCID-c3vm-u9jn-83cs
6
vulnerability VCID-c453-7khw-mub2
7
vulnerability VCID-h11x-uyd8-2bd9
8
vulnerability VCID-jg37-ud9r-d3h7
9
vulnerability VCID-jxzt-8wru-6yhk
10
vulnerability VCID-jzn6-bzzf-nugp
11
vulnerability VCID-nqfj-97y5-suar
12
vulnerability VCID-tbwg-7hga-cybn
13
vulnerability VCID-tnt7-d764-13cq
14
vulnerability VCID-vqnt-uyex-87fn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.3-dfsg-4~bpo70%252B1
References
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00124.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00124.html
1
reference_url http://openwall.com/lists/oss-security/2015/03/27/6
reference_id
reference_type
scores
url http://openwall.com/lists/oss-security/2015/03/27/6
2
reference_url http://openwall.com/lists/oss-security/2015/03/27/9
reference_id
reference_type
scores
url http://openwall.com/lists/oss-security/2015/03/27/9
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-2774
reference_id
reference_type
scores
0
value 0.00529
scoring_system epss
scoring_elements 0.67211
published_at 2026-04-13T12:55:00Z
1
value 0.00529
scoring_system epss
scoring_elements 0.67245
published_at 2026-04-16T12:55:00Z
2
value 0.00529
scoring_system epss
scoring_elements 0.67137
published_at 2026-04-01T12:55:00Z
3
value 0.00529
scoring_system epss
scoring_elements 0.67174
published_at 2026-04-07T12:55:00Z
4
value 0.00529
scoring_system epss
scoring_elements 0.67198
published_at 2026-04-04T12:55:00Z
5
value 0.00529
scoring_system epss
scoring_elements 0.67225
published_at 2026-04-08T12:55:00Z
6
value 0.00529
scoring_system epss
scoring_elements 0.67239
published_at 2026-04-09T12:55:00Z
7
value 0.00529
scoring_system epss
scoring_elements 0.67259
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-2774
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2774
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2774
5
reference_url https://web.archive.org/web/20150905124006/http://www.erlang.org/news/85
reference_id
reference_type
scores
url https://web.archive.org/web/20150905124006/http://www.erlang.org/news/85
6
reference_url https://www.imperialviolet.org/2014/12/08/poodleagain.html
reference_id
reference_type
scores
url https://www.imperialviolet.org/2014/12/08/poodleagain.html
7
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
8
reference_url http://www.securityfocus.com/bid/73398
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/73398
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781839
reference_id 781839
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781839
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-2774
reference_id CVE-2015-2774
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2015-2774
14
reference_url https://usn.ubuntu.com/3571-1/
reference_id USN-3571-1
reference_type
scores
url https://usn.ubuntu.com/3571-1/
Weaknesses
0
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploits
Severity_range_score4.3 - 5.9
Exploitability0.5
Weighted_severity5.3
Risk_score2.6
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-c453-7khw-mub2