Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-3h2u-xpb3-guag

Summary ruby: openssl: Ruby Marvin Attack

Aliases

alias	CVE-2025-0306

Fixed_packages

url	pkg:deb/debian/ruby3.3@0?distro=trixie
purl	pkg:deb/debian/ruby3.3@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby3.3@0%3Fdistro=trixie

url	pkg:deb/debian/ruby3.3@3.3.8-2?distro=trixie
purl	pkg:deb/debian/ruby3.3@3.3.8-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby3.3@3.3.8-2%3Fdistro=trixie

Affected_packages

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0306.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0306.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0306

reference_id

reference_type

scores

value	0.00437
scoring_system	epss
scoring_elements	0.63111
published_at	2026-05-07T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63008
published_at	2026-04-02T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63108
published_at	2026-04-26T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63107
published_at	2026-04-29T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63064
published_at	2026-05-05T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63038
published_at	2026-04-04T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63002
published_at	2026-04-07T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63053
published_at	2026-04-08T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63069
published_at	2026-04-09T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63086
published_at	2026-04-16T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63072
published_at	2026-04-12T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.6305
published_at	2026-04-13T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63094
published_at	2026-04-24T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63073
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0306

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0306

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2336100

reference_id

2336100

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:22:38Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2336100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3
reference_id	cpe:/a:redhat:storage:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-0306

reference_id

CVE-2025-0306

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:22:38Z/

url

https://access.redhat.com/security/cve/CVE-2025-0306

Weaknesses

cwe_id	385
name	Covert Timing Channel
description	Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information.

Exploits

Severity_range_score 7.4 - 7.4

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3h2u-xpb3-guag

Vulnerability Instance