Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/glib-networking@2.64.3-r0?arch=riscv64&distroversion=v3.20&reponame=community
Typeapk
Namespacealpine
Nameglib-networking
Version2.64.3-r0
Qualifiers
arch riscv64
distroversion v3.20
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-wh3w-f9zg-fkam
vulnerability_id VCID-wh3w-f9zg-fkam
summary In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13645.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13645.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13645
reference_id
reference_type
scores
0
value 0.0046
scoring_system epss
scoring_elements 0.64427
published_at 2026-06-04T12:55:00Z
1
value 0.0046
scoring_system epss
scoring_elements 0.6447
published_at 2026-06-05T12:55:00Z
2
value 0.0046
scoring_system epss
scoring_elements 0.64479
published_at 2026-06-06T12:55:00Z
3
value 0.0046
scoring_system epss
scoring_elements 0.64466
published_at 2026-06-07T12:55:00Z
4
value 0.0046
scoring_system epss
scoring_elements 0.64456
published_at 2026-06-08T12:55:00Z
5
value 0.0046
scoring_system epss
scoring_elements 0.64476
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13645
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13645
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1842645
reference_id 1842645
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1842645
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961756
reference_id 961756
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961756
6
reference_url https://security.gentoo.org/glsa/202007-50
reference_id GLSA-202007-50
reference_type
scores
url https://security.gentoo.org/glsa/202007-50
7
reference_url https://usn.ubuntu.com/4405-1/
reference_id USN-4405-1
reference_type
scores
url https://usn.ubuntu.com/4405-1/
fixed_packages
0
url pkg:apk/alpine/glib-networking@2.64.3-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/glib-networking@2.64.3-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/glib-networking@2.64.3-r0%3Farch=riscv64&distroversion=v3.20&reponame=community
aliases CVE-2020-13645
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wh3w-f9zg-fkam
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/glib-networking@2.64.3-r0%3Farch=riscv64&distroversion=v3.20&reponame=community