Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ewv4-4dk9-8bew
Summary389-ds-base: Password verification vulnerable to timing attack
Aliases
0
alias CVE-2016-5405
Fixed_packages
0
url pkg:deb/debian/389-ds-base@1.3.5.15-1?distro=trixie
purl pkg:deb/debian/389-ds-base@1.3.5.15-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.15-1%3Fdistro=trixie
1
url pkg:deb/debian/389-ds-base@1.3.5.17-2
purl pkg:deb/debian/389-ds-base@1.3.5.17-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cnv-xra9-d7fw
1
vulnerability VCID-1emx-jre5-v7dm
2
vulnerability VCID-3paj-fqdp-yyg3
3
vulnerability VCID-4tdy-umt6-4ubr
4
vulnerability VCID-4tn2-her5-6fe1
5
vulnerability VCID-77rw-db6h-hya9
6
vulnerability VCID-7teh-3vk4-a7du
7
vulnerability VCID-f3t3-vxrz-8uew
8
vulnerability VCID-gmg8-mepq-87ez
9
vulnerability VCID-hjvf-3mm8-xfhq
10
vulnerability VCID-hvag-zpvk-vqbw
11
vulnerability VCID-jge6-uqra-yba1
12
vulnerability VCID-kkeh-mm7b-quc4
13
vulnerability VCID-knxk-357y-efhh
14
vulnerability VCID-pexr-smr8-gbhh
15
vulnerability VCID-qkca-awn5-hfas
16
vulnerability VCID-qv4g-5kzs-9kfa
17
vulnerability VCID-rffx-mwhe-tqe5
18
vulnerability VCID-s9es-be9s-t3h3
19
vulnerability VCID-vu7g-kqpe-83hq
20
vulnerability VCID-vx15-pahy-ufbn
21
vulnerability VCID-wcyy-45hw-2fc6
22
vulnerability VCID-x8k9-na1n-8fgj
23
vulnerability VCID-yaw8-dzr7-hyha
24
vulnerability VCID-z7kp-3dwk-wkgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.5.17-2
2
url pkg:deb/debian/389-ds-base@1.4.4.11-2?distro=trixie
purl pkg:deb/debian/389-ds-base@1.4.4.11-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-63rm-mq1r-5fbz
1
vulnerability VCID-6f2q-qatg-kucr
2
vulnerability VCID-bpw5-xeju-93f3
3
vulnerability VCID-kbvd-dfmn-buat
4
vulnerability VCID-pqe1-ewjj-uqbn
5
vulnerability VCID-xs3r-chc9-27dr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2%3Fdistro=trixie
3
url pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6f2q-qatg-kucr
1
vulnerability VCID-bpw5-xeju-93f3
2
vulnerability VCID-kbvd-dfmn-buat
3
vulnerability VCID-pqe1-ewjj-uqbn
4
vulnerability VCID-xs3r-chc9-27dr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pqe1-ewjj-uqbn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bdfsg1-1%3Fdistro=trixie
5
url pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-1?distro=trixie
purl pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bvendor1-1%3Fdistro=trixie
6
url pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-2?distro=trixie
purl pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bvendor1-2%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/389-ds-base@1.3.3.5-4
purl pkg:deb/debian/389-ds-base@1.3.3.5-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cnv-xra9-d7fw
1
vulnerability VCID-1emx-jre5-v7dm
2
vulnerability VCID-34te-4xhe-17h2
3
vulnerability VCID-3paj-fqdp-yyg3
4
vulnerability VCID-4tdy-umt6-4ubr
5
vulnerability VCID-4tn2-her5-6fe1
6
vulnerability VCID-77rw-db6h-hya9
7
vulnerability VCID-7teh-3vk4-a7du
8
vulnerability VCID-ewv4-4dk9-8bew
9
vulnerability VCID-f3t3-vxrz-8uew
10
vulnerability VCID-gmg8-mepq-87ez
11
vulnerability VCID-gmpt-rg5q-n3dk
12
vulnerability VCID-hjvf-3mm8-xfhq
13
vulnerability VCID-hvag-zpvk-vqbw
14
vulnerability VCID-jge6-uqra-yba1
15
vulnerability VCID-kkeh-mm7b-quc4
16
vulnerability VCID-knxk-357y-efhh
17
vulnerability VCID-n9jd-zew1-77d7
18
vulnerability VCID-pexr-smr8-gbhh
19
vulnerability VCID-qkca-awn5-hfas
20
vulnerability VCID-qv4g-5kzs-9kfa
21
vulnerability VCID-rffx-mwhe-tqe5
22
vulnerability VCID-s9es-be9s-t3h3
23
vulnerability VCID-vu7g-kqpe-83hq
24
vulnerability VCID-vx15-pahy-ufbn
25
vulnerability VCID-wcyy-45hw-2fc6
26
vulnerability VCID-wk61-n55m-j3fg
27
vulnerability VCID-wqg4-uer5-u3fd
28
vulnerability VCID-x8k9-na1n-8fgj
29
vulnerability VCID-xq1g-upbu-x7dp
30
vulnerability VCID-yaw8-dzr7-hyha
31
vulnerability VCID-z7kp-3dwk-wkgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.3.3.5-4
1
url pkg:rpm/redhat/389-ds-base@1.2.11.15-84?arch=el6_8
purl pkg:rpm/redhat/389-ds-base@1.2.11.15-84?arch=el6_8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ewv4-4dk9-8bew
1
vulnerability VCID-v2zu-5qpd-6qfv
2
vulnerability VCID-wqg4-uer5-u3fd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/389-ds-base@1.2.11.15-84%3Farch=el6_8
2
url pkg:rpm/redhat/389-ds-base@1.3.5.10-11?arch=el7
purl pkg:rpm/redhat/389-ds-base@1.3.5.10-11?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ewv4-4dk9-8bew
1
vulnerability VCID-v2zu-5qpd-6qfv
2
vulnerability VCID-wqg4-uer5-u3fd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/389-ds-base@1.3.5.10-11%3Farch=el7
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5405.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5405.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5405
reference_id
reference_type
scores
0
value 0.00593
scoring_system epss
scoring_elements 0.69188
published_at 2026-04-01T12:55:00Z
1
value 0.00593
scoring_system epss
scoring_elements 0.69203
published_at 2026-04-02T12:55:00Z
2
value 0.00593
scoring_system epss
scoring_elements 0.69224
published_at 2026-04-04T12:55:00Z
3
value 0.00593
scoring_system epss
scoring_elements 0.69207
published_at 2026-04-07T12:55:00Z
4
value 0.00593
scoring_system epss
scoring_elements 0.69257
published_at 2026-04-08T12:55:00Z
5
value 0.00593
scoring_system epss
scoring_elements 0.69275
published_at 2026-04-09T12:55:00Z
6
value 0.00593
scoring_system epss
scoring_elements 0.69297
published_at 2026-04-11T12:55:00Z
7
value 0.00593
scoring_system epss
scoring_elements 0.69282
published_at 2026-04-12T12:55:00Z
8
value 0.00593
scoring_system epss
scoring_elements 0.69253
published_at 2026-04-13T12:55:00Z
9
value 0.00593
scoring_system epss
scoring_elements 0.69292
published_at 2026-04-16T12:55:00Z
10
value 0.00593
scoring_system epss
scoring_elements 0.69301
published_at 2026-04-18T12:55:00Z
11
value 0.00593
scoring_system epss
scoring_elements 0.69281
published_at 2026-04-21T12:55:00Z
12
value 0.00593
scoring_system epss
scoring_elements 0.69332
published_at 2026-04-24T12:55:00Z
13
value 0.00593
scoring_system epss
scoring_elements 0.69339
published_at 2026-04-26T12:55:00Z
14
value 0.00593
scoring_system epss
scoring_elements 0.69346
published_at 2026-04-29T12:55:00Z
15
value 0.00593
scoring_system epss
scoring_elements 0.69324
published_at 2026-05-05T12:55:00Z
16
value 0.00593
scoring_system epss
scoring_elements 0.69366
published_at 2026-05-07T12:55:00Z
17
value 0.00593
scoring_system epss
scoring_elements 0.69402
published_at 2026-05-09T12:55:00Z
18
value 0.00593
scoring_system epss
scoring_elements 0.6937
published_at 2026-05-11T12:55:00Z
19
value 0.00593
scoring_system epss
scoring_elements 0.69395
published_at 2026-05-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5405
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5405
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1358865
reference_id 1358865
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1358865
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842121
reference_id 842121
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842121
6
reference_url https://access.redhat.com/errata/RHSA-2016:2594
reference_id RHSA-2016:2594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2594
7
reference_url https://access.redhat.com/errata/RHSA-2016:2765
reference_id RHSA-2016:2765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2765
Weaknesses
0
cwe_id 385
name Covert Timing Channel
description Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information.
Exploits
Severity_range_score2.6 - 6.8
Exploitability0.5
Weighted_severity6.1
Risk_score3.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ewv4-4dk9-8bew