Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-5uhj-29cr-ckgd
SummaryDuplicate Advisory: phpseclib: guardrails needed on isPrime and randomPrime
Aliases
0
alias GHSA-hg35-mp25-qf6h
Fixed_packages
0
url pkg:composer/phpseclib/phpseclib@1.0.23
purl pkg:composer/phpseclib/phpseclib@1.0.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96xr-m836-f7cq
1
vulnerability VCID-ejz5-zmbt-afbg
2
vulnerability VCID-hyua-p4yb-byh1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@1.0.23
1
url pkg:composer/phpseclib/phpseclib@2.0.47
purl pkg:composer/phpseclib/phpseclib@2.0.47
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96xr-m836-f7cq
1
vulnerability VCID-ejz5-zmbt-afbg
2
vulnerability VCID-hyua-p4yb-byh1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@2.0.47
2
url pkg:composer/phpseclib/phpseclib@3.0.36
purl pkg:composer/phpseclib/phpseclib@3.0.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96xr-m836-f7cq
1
vulnerability VCID-ejz5-zmbt-afbg
2
vulnerability VCID-hyua-p4yb-byh1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.36
Affected_packages
0
url pkg:composer/phpseclib/phpseclib@1.0.0
purl pkg:composer/phpseclib/phpseclib@1.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qj3-a1sx-kubr
1
vulnerability VCID-5uhj-29cr-ckgd
2
vulnerability VCID-96xr-m836-f7cq
3
vulnerability VCID-a1e2-pwtb-zqd1
4
vulnerability VCID-c8yh-8mt5-2qf1
5
vulnerability VCID-ejz5-zmbt-afbg
6
vulnerability VCID-hyua-p4yb-byh1
7
vulnerability VCID-j8qm-692k-bybp
8
vulnerability VCID-mc2v-gtgm-d3g5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@1.0.0
1
url pkg:composer/phpseclib/phpseclib@2.0.0
purl pkg:composer/phpseclib/phpseclib@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qj3-a1sx-kubr
1
vulnerability VCID-5uhj-29cr-ckgd
2
vulnerability VCID-96xr-m836-f7cq
3
vulnerability VCID-a1e2-pwtb-zqd1
4
vulnerability VCID-c8yh-8mt5-2qf1
5
vulnerability VCID-ejz5-zmbt-afbg
6
vulnerability VCID-hyua-p4yb-byh1
7
vulnerability VCID-j8qm-692k-bybp
8
vulnerability VCID-mc2v-gtgm-d3g5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@2.0.0
2
url pkg:composer/phpseclib/phpseclib@3.0.0
purl pkg:composer/phpseclib/phpseclib@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qj3-a1sx-kubr
1
vulnerability VCID-4x2v-6awj-t7ae
2
vulnerability VCID-5uhj-29cr-ckgd
3
vulnerability VCID-96xr-m836-f7cq
4
vulnerability VCID-a1e2-pwtb-zqd1
5
vulnerability VCID-c8yh-8mt5-2qf1
6
vulnerability VCID-ejz5-zmbt-afbg
7
vulnerability VCID-hyua-p4yb-byh1
8
vulnerability VCID-j8qm-692k-bybp
9
vulnerability VCID-j96y-epag-6kbd
10
vulnerability VCID-k7qp-9g66-rugk
11
vulnerability VCID-mc2v-gtgm-d3g5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.0
References
0
reference_url https://github.com/phpseclib/phpseclib
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpseclib/phpseclib
1
reference_url https://github.com/phpseclib/phpseclib/commit/2870c8fab3f132d2ed40a66c97a36fe5ab625698
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpseclib/phpseclib/commit/2870c8fab3f132d2ed40a66c97a36fe5ab625698
2
reference_url https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575
3
reference_url https://github.com/phpseclib/phpseclib/commit/c55b75199ec8d12cec6eadf6da99da4a3712fe56
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpseclib/phpseclib/commit/c55b75199ec8d12cec6eadf6da99da4a3712fe56
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-27354
reference_id CVE-2024-27354
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-27354
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpseclib/phpseclib/CVE-2024-27354.yaml
reference_id CVE-2024-27354.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpseclib/phpseclib/CVE-2024-27354.yaml
6
reference_url https://github.com/advisories/GHSA-hg35-mp25-qf6h
reference_id GHSA-hg35-mp25-qf6h
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hg35-mp25-qf6h
Weaknesses
0
cwe_id 400
name Uncontrolled Resource Consumption
description The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-5uhj-29cr-ckgd