Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/netius@0.8.4

Type pypi

Namespace

Name netius

Version 0.8.4

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.17.58

Latest_non_vulnerable_version 1.17.58

Affected_by_vulnerabilities

url VCID-82n4-wc6g-wua6

vulnerability_id VCID-82n4-wc6g-wua6

summary netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Transfer encoding header parsing which could allow for CL:TE or TE:TE attacks.

references

reference_url	https://github.com/advisories/GHSA-wm2m-xrrp-j74c
reference_id
reference_type
scores
url	https://github.com/advisories/GHSA-wm2m-xrrp-j74c

reference_url	https://snyk.io/vuln/SNYK-PYTHON-NETIUS-569141
reference_id
reference_type
scores
url	https://snyk.io/vuln/SNYK-PYTHON-NETIUS-569141

fixed_packages

url	pkg:pypi/netius@1.17.58
purl	pkg:pypi/netius@1.17.58
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/netius@1.17.58

aliases CVE-2020-7655, GHSA-wm2m-xrrp-j74c, PYSEC-2020-242, SNYK-PYTHON-NETIUS-569141

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-82n4-wc6g-wua6

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/netius@0.8.4

Package Instance