Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-bpw5-xeju-93f3
SummaryRHDS: LDAP browser tries to decode userPassword instead of userCertificate attribute
Aliases
0
alias CVE-2023-1055
Fixed_packages
0
url pkg:deb/debian/389-ds-base@2.3.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/389-ds-base@2.3.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1
purl pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pqe1-ewjj-uqbn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bdfsg1-1
2
url pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pqe1-ewjj-uqbn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-1?distro=trixie
purl pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bvendor1-1%3Fdistro=trixie
4
url pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-2?distro=trixie
purl pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bvendor1-2%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/389-ds-base@1.4.4.11-2
purl pkg:deb/debian/389-ds-base@1.4.4.11-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tdy-umt6-4ubr
1
vulnerability VCID-63rm-mq1r-5fbz
2
vulnerability VCID-6f2q-qatg-kucr
3
vulnerability VCID-77rw-db6h-hya9
4
vulnerability VCID-bpw5-xeju-93f3
5
vulnerability VCID-hjvf-3mm8-xfhq
6
vulnerability VCID-kbvd-dfmn-buat
7
vulnerability VCID-knxk-357y-efhh
8
vulnerability VCID-pqe1-ewjj-uqbn
9
vulnerability VCID-qkca-awn5-hfas
10
vulnerability VCID-qv4g-5kzs-9kfa
11
vulnerability VCID-rffx-mwhe-tqe5
12
vulnerability VCID-vx15-pahy-ufbn
13
vulnerability VCID-x8k9-na1n-8fgj
14
vulnerability VCID-xs3r-chc9-27dr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2
1
url pkg:deb/debian/389-ds-base@1.4.4.11-2?distro=trixie
purl pkg:deb/debian/389-ds-base@1.4.4.11-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-63rm-mq1r-5fbz
1
vulnerability VCID-6f2q-qatg-kucr
2
vulnerability VCID-bpw5-xeju-93f3
3
vulnerability VCID-kbvd-dfmn-buat
4
vulnerability VCID-pqe1-ewjj-uqbn
5
vulnerability VCID-xs3r-chc9-27dr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2%3Fdistro=trixie
2
url pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1
purl pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6f2q-qatg-kucr
1
vulnerability VCID-bpw5-xeju-93f3
2
vulnerability VCID-kbvd-dfmn-buat
3
vulnerability VCID-pqe1-ewjj-uqbn
4
vulnerability VCID-xs3r-chc9-27dr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1
3
url pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6f2q-qatg-kucr
1
vulnerability VCID-bpw5-xeju-93f3
2
vulnerability VCID-kbvd-dfmn-buat
3
vulnerability VCID-pqe1-ewjj-uqbn
4
vulnerability VCID-xs3r-chc9-27dr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1%3Fdistro=trixie
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1055.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1055.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-1055
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.19886
published_at 2026-04-02T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19508
published_at 2026-05-07T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19536
published_at 2026-04-29T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19419
published_at 2026-05-05T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.19943
published_at 2026-04-04T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.1967
published_at 2026-04-07T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.1975
published_at 2026-04-08T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.19801
published_at 2026-04-09T12:55:00Z
8
value 0.00063
scoring_system epss
scoring_elements 0.19806
published_at 2026-04-11T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19761
published_at 2026-04-12T12:55:00Z
10
value 0.00063
scoring_system epss
scoring_elements 0.19704
published_at 2026-04-13T12:55:00Z
11
value 0.00063
scoring_system epss
scoring_elements 0.1968
published_at 2026-04-16T12:55:00Z
12
value 0.00063
scoring_system epss
scoring_elements 0.19682
published_at 2026-04-18T12:55:00Z
13
value 0.00063
scoring_system epss
scoring_elements 0.19695
published_at 2026-04-21T12:55:00Z
14
value 0.00063
scoring_system epss
scoring_elements 0.19586
published_at 2026-04-24T12:55:00Z
15
value 0.00063
scoring_system epss
scoring_elements 0.19573
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-1055
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1055
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1055
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034891
reference_id 1034891
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034891
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2173517
reference_id 2173517
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2173517
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/
reference_id MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T14:02:37Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/
6
reference_url https://access.redhat.com/errata/RHSA-2023:3489
reference_id RHSA-2023:3489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3489
7
reference_url https://access.redhat.com/errata/RHSA-2023:4655
reference_id RHSA-2023:4655
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4655
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0
reference_id show_bug.cgi?id=2173517#c0
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T14:02:37Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0
Weaknesses
0
cwe_id 295
name Improper Certificate Validation
description The product does not validate, or incorrectly validates, a certificate.
1
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploits
Severity_range_score5.5 - 5.5
Exploitability0.5
Weighted_severity5.0
Risk_score2.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-bpw5-xeju-93f3