Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-7v3a-5q44-cucz

Summary Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero.

Aliases

alias	CVE-2025-48965

Fixed_packages

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armhf&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=armhf&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=aarch64&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=aarch64&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=aarch64&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armhf&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armhf&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=armhf&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armv7&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armv7&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=armv7&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=loongarch64&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=loongarch64&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=loongarch64&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=ppc64le&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=ppc64le&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=ppc64le&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=riscv64&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=riscv64&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=riscv64&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=s390x&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=s390x&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=s390x&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=x86&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86_64&distroversion=v3.22&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86_64&distroversion=v3.22&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=x86_64&distroversion=v3.22&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=aarch64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=aarch64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=aarch64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armhf&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armhf&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=armhf&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armv7&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=armv7&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=loongarch64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=loongarch64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=loongarch64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=ppc64le&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=ppc64le&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=ppc64le&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=riscv64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=riscv64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=riscv64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=s390x&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=s390x&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=s390x&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=x86&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86_64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86_64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=x86_64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=aarch64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=aarch64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=aarch64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armv7&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armv7&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=armv7&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=loongarch64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=loongarch64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=loongarch64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=ppc64le&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=ppc64le&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=ppc64le&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=riscv64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=riscv64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=riscv64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=s390x&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=s390x&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=s390x&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=x86&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86_64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86_64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=x86_64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=aarch64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=aarch64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=aarch64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armhf&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armhf&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=armhf&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armv7&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armv7&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=armv7&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=ppc64le&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=ppc64le&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=ppc64le&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=riscv64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=riscv64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=riscv64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=s390x&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=s390x&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=s390x&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=x86&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armv7&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armv7&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=armv7&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=ppc64le&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=ppc64le&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=ppc64le&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=riscv64&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=s390x&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=s390x&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=s390x&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=x86&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86_64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=x86_64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=x86_64&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=loongarch64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=loongarch64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=loongarch64&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=aarch64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=aarch64&distroversion=edge&reponame=main

url	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armhf&distroversion=edge&reponame=main
purl	pkg:apk/alpine/mbedtls@3.6.4-r0?arch=armhf&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mbedtls@3.6.4-r0%3Farch=armhf&distroversion=edge&reponame=main

url pkg:deb/debian/mbedtls@2.16.9-0.1?distro=trixie

purl pkg:deb/debian/mbedtls@2.16.9-0.1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bxk-rknm-zfhc

vulnerability	VCID-f1fz-b8b6-dfb8

vulnerability	VCID-gvkn-6e2m-dyez

vulnerability	VCID-k8w1-nrjy-wfbe

vulnerability	VCID-kchn-2wez-bbb2

vulnerability	VCID-pj6w-rufw-nqgd

vulnerability	VCID-vp4q-81cq-33cw

vulnerability	VCID-vs6q-c4ug-xfer

vulnerability	VCID-wsvw-6tmk-3kdj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.16.9-0.1%3Fdistro=trixie

url	pkg:deb/debian/mbedtls@2.16.9-0.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/mbedtls@2.16.9-0.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.16.9-0.1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/mbedtls@2.28.3-1

purl pkg:deb/debian/mbedtls@2.28.3-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4sbv-dqyv-6baw

vulnerability	VCID-5bxk-rknm-zfhc

vulnerability	VCID-7ppw-f9jy-k7ae

vulnerability	VCID-7v3a-5q44-cucz

vulnerability	VCID-98cg-wuhp-qudq

vulnerability	VCID-f1fz-b8b6-dfb8

vulnerability	VCID-gvkn-6e2m-dyez

vulnerability	VCID-kchn-2wez-bbb2

vulnerability	VCID-pj6w-rufw-nqgd

vulnerability	VCID-vp4q-81cq-33cw

vulnerability	VCID-vs6q-c4ug-xfer

vulnerability	VCID-wsvw-6tmk-3kdj

vulnerability	VCID-zpq1-dwvf-8ka2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.28.3-1

url	pkg:deb/debian/mbedtls@3.6.4-1?distro=trixie
purl	pkg:deb/debian/mbedtls@3.6.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@3.6.4-1%3Fdistro=trixie

url pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1?distro=trixie

purl pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4sbv-dqyv-6baw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1

purl pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4sbv-dqyv-6baw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@3.6.5-0.1~deb13u1

url pkg:deb/debian/mbedtls@3.6.5-0.1?distro=trixie

purl pkg:deb/debian/mbedtls@3.6.5-0.1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4sbv-dqyv-6baw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@3.6.5-0.1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/mbedtls@2.4.2-1%2Bdeb9u1~bpo8%2B1

purl pkg:deb/debian/mbedtls@2.4.2-1%2Bdeb9u1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1teg-yvuy-4kga

vulnerability	VCID-44ju-rrx6-rkcy

vulnerability	VCID-4y36-8tq3-abg6

vulnerability	VCID-5e8e-tdjb-f7c4

vulnerability	VCID-5x2e-paq2-nyf9

vulnerability	VCID-71u1-k3yx-pfgx

vulnerability	VCID-7ppw-f9jy-k7ae

vulnerability	VCID-7v3a-5q44-cucz

vulnerability	VCID-8vmc-tp28-wyae

vulnerability	VCID-9236-axrw-8qc4

vulnerability	VCID-987j-wtrr-7beu

vulnerability	VCID-98cg-wuhp-qudq

vulnerability	VCID-aw5s-tfkx-6ffv

vulnerability	VCID-dhdp-17ae-t7gf

vulnerability	VCID-ewrv-m6gm-y7hc

vulnerability	VCID-g7w2-d16t-8bd9

vulnerability	VCID-gcjd-xt4f-x3bj

vulnerability	VCID-jcnd-yb5z-p7d3

vulnerability	VCID-p4mh-ztr8-k7d6

vulnerability	VCID-pnsj-2xc8-efbr

vulnerability	VCID-rmzm-2q2n-zkdg

vulnerability	VCID-rqxq-rqxu-4fes

vulnerability	VCID-s1qx-e7uw-c3eq

vulnerability	VCID-svsq-har4-dyen

vulnerability	VCID-t2j5-4x1d-2kb1

vulnerability	VCID-wc33-4jtc-7ueu

vulnerability	VCID-x5we-9dmz-p7bh

vulnerability	VCID-x682-agtt-myf1

vulnerability	VCID-xhbs-y3dr-1kc8

vulnerability	VCID-ydp2-phc9-m7b1

vulnerability	VCID-zpq1-dwvf-8ka2

vulnerability	VCID-zyge-82z3-33eq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.4.2-1%252Bdeb9u1~bpo8%252B1

url pkg:deb/debian/mbedtls@2.4.2-1%2Bdeb9u3

purl pkg:deb/debian/mbedtls@2.4.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1teg-yvuy-4kga

vulnerability	VCID-44ju-rrx6-rkcy

vulnerability	VCID-4y36-8tq3-abg6

vulnerability	VCID-5e8e-tdjb-f7c4

vulnerability	VCID-5x2e-paq2-nyf9

vulnerability	VCID-71u1-k3yx-pfgx

vulnerability	VCID-7ppw-f9jy-k7ae

vulnerability	VCID-7v3a-5q44-cucz

vulnerability	VCID-8vmc-tp28-wyae

vulnerability	VCID-9236-axrw-8qc4

vulnerability	VCID-987j-wtrr-7beu

vulnerability	VCID-98cg-wuhp-qudq

vulnerability	VCID-aw5s-tfkx-6ffv

vulnerability	VCID-dhdp-17ae-t7gf

vulnerability	VCID-ewrv-m6gm-y7hc

vulnerability	VCID-g7w2-d16t-8bd9

vulnerability	VCID-gcjd-xt4f-x3bj

vulnerability	VCID-jcnd-yb5z-p7d3

vulnerability	VCID-p4mh-ztr8-k7d6

vulnerability	VCID-pnsj-2xc8-efbr

vulnerability	VCID-rmzm-2q2n-zkdg

vulnerability	VCID-rqxq-rqxu-4fes

vulnerability	VCID-s1qx-e7uw-c3eq

vulnerability	VCID-svsq-har4-dyen

vulnerability	VCID-t2j5-4x1d-2kb1

vulnerability	VCID-wc33-4jtc-7ueu

vulnerability	VCID-x5we-9dmz-p7bh

vulnerability	VCID-x682-agtt-myf1

vulnerability	VCID-xhbs-y3dr-1kc8

vulnerability	VCID-ydp2-phc9-m7b1

vulnerability	VCID-zpq1-dwvf-8ka2

vulnerability	VCID-zyge-82z3-33eq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.4.2-1%252Bdeb9u3

url pkg:deb/debian/mbedtls@2.16.0-1

purl pkg:deb/debian/mbedtls@2.16.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1teg-yvuy-4kga

vulnerability	VCID-4y36-8tq3-abg6

vulnerability	VCID-5e8e-tdjb-f7c4

vulnerability	VCID-5x2e-paq2-nyf9

vulnerability	VCID-71u1-k3yx-pfgx

vulnerability	VCID-7ppw-f9jy-k7ae

vulnerability	VCID-7v3a-5q44-cucz

vulnerability	VCID-8vmc-tp28-wyae

vulnerability	VCID-9236-axrw-8qc4

vulnerability	VCID-987j-wtrr-7beu

vulnerability	VCID-98cg-wuhp-qudq

vulnerability	VCID-ewrv-m6gm-y7hc

vulnerability	VCID-g7w2-d16t-8bd9

vulnerability	VCID-jcnd-yb5z-p7d3

vulnerability	VCID-rqxq-rqxu-4fes

vulnerability	VCID-s1qx-e7uw-c3eq

vulnerability	VCID-svsq-har4-dyen

vulnerability	VCID-t2j5-4x1d-2kb1

vulnerability	VCID-x5we-9dmz-p7bh

vulnerability	VCID-x682-agtt-myf1

vulnerability	VCID-ydp2-phc9-m7b1

vulnerability	VCID-zpq1-dwvf-8ka2

vulnerability	VCID-zyge-82z3-33eq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.16.0-1

url pkg:deb/debian/mbedtls@2.16.9-0.1

purl pkg:deb/debian/mbedtls@2.16.9-0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1teg-yvuy-4kga

vulnerability	VCID-5bxk-rknm-zfhc

vulnerability	VCID-5x2e-paq2-nyf9

vulnerability	VCID-7ppw-f9jy-k7ae

vulnerability	VCID-7v3a-5q44-cucz

vulnerability	VCID-8vmc-tp28-wyae

vulnerability	VCID-98cg-wuhp-qudq

vulnerability	VCID-f1fz-b8b6-dfb8

vulnerability	VCID-gvkn-6e2m-dyez

vulnerability	VCID-k8w1-nrjy-wfbe

vulnerability	VCID-kchn-2wez-bbb2

vulnerability	VCID-pj6w-rufw-nqgd

vulnerability	VCID-t2j5-4x1d-2kb1

vulnerability	VCID-vp4q-81cq-33cw

vulnerability	VCID-vs6q-c4ug-xfer

vulnerability	VCID-wsvw-6tmk-3kdj

vulnerability	VCID-x5we-9dmz-p7bh

vulnerability	VCID-zpq1-dwvf-8ka2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.16.9-0.1

url pkg:deb/debian/mbedtls@2.28.3-1?distro=trixie

purl pkg:deb/debian/mbedtls@2.28.3-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4sbv-dqyv-6baw

vulnerability	VCID-5bxk-rknm-zfhc

vulnerability	VCID-7ppw-f9jy-k7ae

vulnerability	VCID-7v3a-5q44-cucz

vulnerability	VCID-98cg-wuhp-qudq

vulnerability	VCID-f1fz-b8b6-dfb8

vulnerability	VCID-gvkn-6e2m-dyez

vulnerability	VCID-kchn-2wez-bbb2

vulnerability	VCID-pj6w-rufw-nqgd

vulnerability	VCID-vp4q-81cq-33cw

vulnerability	VCID-vs6q-c4ug-xfer

vulnerability	VCID-wsvw-6tmk-3kdj

vulnerability	VCID-zpq1-dwvf-8ka2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.28.3-1%3Fdistro=trixie

url pkg:deb/debian/mbedtls@2.28.3-1

purl pkg:deb/debian/mbedtls@2.28.3-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4sbv-dqyv-6baw

vulnerability	VCID-5bxk-rknm-zfhc

vulnerability	VCID-7ppw-f9jy-k7ae

vulnerability	VCID-7v3a-5q44-cucz

vulnerability	VCID-98cg-wuhp-qudq

vulnerability	VCID-f1fz-b8b6-dfb8

vulnerability	VCID-gvkn-6e2m-dyez

vulnerability	VCID-kchn-2wez-bbb2

vulnerability	VCID-pj6w-rufw-nqgd

vulnerability	VCID-vp4q-81cq-33cw

vulnerability	VCID-vs6q-c4ug-xfer

vulnerability	VCID-wsvw-6tmk-3kdj

vulnerability	VCID-zpq1-dwvf-8ka2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mbedtls@2.28.3-1

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-48965

reference_id

reference_type

scores

value	0.00033
scoring_system	epss
scoring_elements	0.09613
published_at	2026-04-04T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09562
published_at	2026-04-02T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13755
published_at	2026-04-08T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13673
published_at	2026-04-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13806
published_at	2026-04-09T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13774
published_at	2026-04-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13737
published_at	2026-04-12T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13688
published_at	2026-04-13T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18643
published_at	2026-04-16T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18655
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-48965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48965

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108790
reference_id	1108790
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108790

reference_url

https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2025-06-6.md

reference_id

mbedtls-security-advisory-2025-06-6.md

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T14:32:31Z/

url

https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2025-06-6.md

reference_url

https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/

reference_id

security-advisories

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T14:32:31Z/

url

https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/

reference_url	https://usn.ubuntu.com/8123-1/
reference_id	USN-8123-1
reference_type
scores
url	https://usn.ubuntu.com/8123-1/

Weaknesses

cwe_id	696
name	Incorrect Behavior Order
description	The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses.

Exploits

Severity_range_score 4.0 - 4.0

Exploitability 0.5

Weighted_severity 3.6

Risk_score 1.8

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7v3a-5q44-cucz

Vulnerability Instance