Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/strongswan@5.9.10-r0?arch=aarch64&distroversion=v3.20&reponame=main
Typeapk
Namespacealpine
Namestrongswan
Version5.9.10-r0
Qualifiers
arch aarch64
distroversion v3.20
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.9.12-r0
Latest_non_vulnerable_version5.9.13-r2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-m93x-ug6j-dfbt
vulnerability_id VCID-m93x-ug6j-dfbt
summary strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrusted client certificate during EAP-TLS. A server is affected only if it loads plugins that implement TLS-based EAP methods (EAP-TLS, EAP-TTLS, EAP-PEAP, or EAP-TNC). This is fixed in 5.9.10.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-26463
reference_id
reference_type
scores
0
value 0.11537
scoring_system epss
scoring_elements 0.93777
published_at 2026-06-09T12:55:00Z
1
value 0.11811
scoring_system epss
scoring_elements 0.93846
published_at 2026-06-04T12:55:00Z
2
value 0.11811
scoring_system epss
scoring_elements 0.93856
published_at 2026-06-05T12:55:00Z
3
value 0.11811
scoring_system epss
scoring_elements 0.93855
published_at 2026-06-07T12:55:00Z
4
value 0.11811
scoring_system epss
scoring_elements 0.93854
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-26463
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.gentoo.org/glsa/202405-08
reference_id GLSA-202405-08
reference_type
scores
url https://security.gentoo.org/glsa/202405-08
3
reference_url https://security.netapp.com/advisory/ntap-20230517-0010/
reference_id ntap-20230517-0010
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T21:14:51Z/
url https://security.netapp.com/advisory/ntap-20230517-0010/
4
reference_url https://github.com/strongswan/strongswan/releases
reference_id releases
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T21:14:51Z/
url https://github.com/strongswan/strongswan/releases
5
reference_url https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-%28cve-2023-26463%29.html
reference_id strongswan-vulnerability-%28cve-2023-26463%29.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T21:14:51Z/
url https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-%28cve-2023-26463%29.html
fixed_packages
0
url pkg:apk/alpine/strongswan@5.9.10-r0?arch=aarch64&distroversion=v3.20&reponame=main
purl pkg:apk/alpine/strongswan@5.9.10-r0?arch=aarch64&distroversion=v3.20&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/strongswan@5.9.10-r0%3Farch=aarch64&distroversion=v3.20&reponame=main
aliases CVE-2023-26463
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m93x-ug6j-dfbt
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/strongswan@5.9.10-r0%3Farch=aarch64&distroversion=v3.20&reponame=main