Lookup for vulnerable packages by Package URL.

Purl pkg:npm/keystone@0.0.14
Type npm
Namespace
Name keystone
Version 0.0.14
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 1.0.2
Latest_non_vulnerable_version 5.5.1
Affected_by_vulnerabilities
0
url VCID-2yxf-3ebk-nbeu
vulnerability_id VCID-2yxf-3ebk-nbeu
summary
Improper Input Validation
CSV Injection via a value that is mishandled in a CSV export.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15879
reference_id
reference_type
scores
0
value 0.09815
scoring_system epss
scoring_elements 0.93112
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15879
1
reference_url https://github.com/advisories/GHSA-6494-v9fq-fgq2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-6494-v9fq-fgq2
2
reference_url https://github.com/keystonejs/keystone/pull/4478
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keystonejs/keystone/pull/4478
3
reference_url https://packetstormsecurity.com/files/144755/KeystoneJS-4.0.0-beta.5-Unauthenticated-CSV-Injection.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/144755/KeystoneJS-4.0.0-beta.5-Unauthenticated-CSV-Injection.html
4
reference_url https://www.exploit-db.com/exploits/43053
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/43053
5
reference_url https://www.exploit-db.com/exploits/43053/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/43053/
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/nodejs/webapps/43053.txt
reference_id CVE-2017-15879
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/nodejs/webapps/43053.txt
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-15879
reference_id CVE-2017-15879
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-15879
fixed_packages
0
url pkg:npm/keystone@4.0.0-beta7
purl pkg:npm/keystone@4.0.0-beta7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@4.0.0-beta7
1
url pkg:npm/keystone@4.1.0
purl pkg:npm/keystone@4.1.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@4.1.0
aliases CVE-2017-15879, GHSA-6494-v9fq-fgq2
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2yxf-3ebk-nbeu
1
url VCID-m9p7-836k-pqfb
vulnerability_id VCID-m9p7-836k-pqfb
summary
Cross-site Scripting
Cross-Site Scripting vulnerability in KeystoneJS allows remote authenticated administrators to inject arbitrary web script or HTML via the `content brief` or `content extended` field.
references
0
reference_url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report
1
reference_url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report/
reference_id
reference_type
scores
url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report/
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15881
reference_id
reference_type
scores
0
value 0.00466
scoring_system epss
scoring_elements 0.64737
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15881
3
reference_url https://github.com/advisories/GHSA-7cv6-gvx3-m54m
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-7cv6-gvx3-m54m
4
reference_url https://github.com/keystonejs/keystone/issues/4437
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keystonejs/keystone/issues/4437
5
reference_url https://github.com/keystonejs/keystone/pull/4478
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keystonejs/keystone/pull/4478
6
reference_url https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf
7
reference_url https://www.npmjs.com/advisories/981
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/981
8
reference_url http://www.securityfocus.com/bid/101541
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/101541
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-15881
reference_id CVE-2017-15881
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-15881
fixed_packages
0
url pkg:npm/keystone@4.0.0-beta.1
purl pkg:npm/keystone@4.0.0-beta.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yxf-3ebk-nbeu
1
vulnerability VCID-ndu1-2s48-pucm
2
vulnerability VCID-sw46-5p81-kqhv
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@4.0.0-beta.1
1
url pkg:npm/keystone@4.0.0-beta7
purl pkg:npm/keystone@4.0.0-beta7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@4.0.0-beta7
2
url pkg:npm/keystone@4.1.0
purl pkg:npm/keystone@4.1.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@4.1.0
aliases CVE-2017-15881, GHSA-7cv6-gvx3-m54m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m9p7-836k-pqfb
2
url VCID-ndu1-2s48-pucm
vulnerability_id VCID-ndu1-2s48-pucm
summary
Cross-site Scripting
Possible Cross-site scripting via the "Contact Us feature".
references
0
reference_url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report
1
reference_url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report/
reference_id
reference_type
scores
url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report/
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15878
reference_id
reference_type
scores
0
value 0.03604
scoring_system epss
scoring_elements 0.87985
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15878
3
reference_url https://github.com/advisories/GHSA-7qcx-jmrc-h2rr
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-7qcx-jmrc-h2rr
4
reference_url https://github.com/keystonejs/keystone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keystonejs/keystone
5
reference_url https://github.com/keystonejs/keystone/pull/4478
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keystonejs/keystone/pull/4478
6
reference_url https://packetstormsecurity.com/files/144756/KeystoneJS-4.0.0-beta.5-Unauthenticated-Stored-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/144756/KeystoneJS-4.0.0-beta.5-Unauthenticated-Stored-Cross-Site-Scripting.html
7
reference_url https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf
8
reference_url https://www.exploit-db.com/exploits/43054
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/43054
9
reference_url https://www.exploit-db.com/exploits/43054/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/43054/
10
reference_url https://www.npmjs.com/advisories/980
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/980
11
reference_url http://www.securityfocus.com/bid/101541
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/101541
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/nodejs/webapps/43054.txt
reference_id CVE-2017-15878
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/nodejs/webapps/43054.txt
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-15878
reference_id CVE-2017-15878
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-15878
fixed_packages
0
url pkg:npm/keystone@4.0.0
purl pkg:npm/keystone@4.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yxf-3ebk-nbeu
1
vulnerability VCID-m9p7-836k-pqfb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@4.0.0
aliases CVE-2017-15878, GHSA-7qcx-jmrc-h2rr
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ndu1-2s48-pucm
3
url VCID-qs56-6vgh-6uaz
vulnerability_id VCID-qs56-6vgh-6uaz
summary
Authentication Weakness in keystone
Due to a bug in the default sign-in functionality in the keystone node module before 0.3.16, incomplete email addresses could be matched. A correct password is still required to complete sign-in.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-9240
reference_id
reference_type
scores
0
value 0.00237
scoring_system epss
scoring_elements 0.46887
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-9240
1
reference_url https://nodesecurity.io/advisories/60
reference_id
reference_type
scores
url https://nodesecurity.io/advisories/60
2
reference_url https://www.npmjs.com/advisories/60
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/60
3
reference_url https://www.npmjs.com/package/keystone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/keystone
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-9240
reference_id CVE-2015-9240
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-9240
5
reference_url https://github.com/advisories/GHSA-39pj-gq8q-9pfj
reference_id GHSA-39pj-gq8q-9pfj
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-39pj-gq8q-9pfj
fixed_packages
0
url pkg:npm/keystone@0.3.16
purl pkg:npm/keystone@0.3.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yxf-3ebk-nbeu
1
vulnerability VCID-m9p7-836k-pqfb
2
vulnerability VCID-ndu1-2s48-pucm
3
vulnerability VCID-sw46-5p81-kqhv
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@0.3.16
aliases CVE-2015-9240, GHSA-39pj-gq8q-9pfj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qs56-6vgh-6uaz
4
url VCID-sw46-5p81-kqhv
vulnerability_id VCID-sw46-5p81-kqhv
summary
Cross-Site Request Forgery (CSRF)
KeystoneJS allows application-wide CSRF bypass by removing the CSRF parameter and value.
references
0
reference_url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report
1
reference_url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report/
reference_id
reference_type
scores
url http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report/
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-16570
reference_id
reference_type
scores
0
value 0.00198
scoring_system epss
scoring_elements 0.41748
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-16570
3
reference_url https://github.com/advisories/GHSA-q43c-g2g7-6gxj
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-q43c-g2g7-6gxj
4
reference_url https://github.com/keystonejs/keystone/issues/4437
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keystonejs/keystone/issues/4437
5
reference_url https://github.com/keystonejs/keystone/pull/4478
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keystonejs/keystone/pull/4478
6
reference_url https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf
7
reference_url https://snyk.io/vuln/SNYK-JS-KEYSTONE-449663
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-KEYSTONE-449663
8
reference_url https://www.exploit-db.com/exploits/43922
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/43922
9
reference_url https://www.npmjs.com/advisories/979
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/979
10
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/nodejs/webapps/43922.html
reference_id CVE-2017-16570
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/nodejs/webapps/43922.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-16570
reference_id CVE-2017-16570
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-16570
fixed_packages
0
url pkg:npm/keystone@4.0.0-beta.7
purl pkg:npm/keystone@4.0.0-beta.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yxf-3ebk-nbeu
1
vulnerability VCID-ndu1-2s48-pucm
2
vulnerability VCID-sw46-5p81-kqhv
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@4.0.0-beta.7
1
url pkg:npm/keystone@4.0.0
purl pkg:npm/keystone@4.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yxf-3ebk-nbeu
1
vulnerability VCID-m9p7-836k-pqfb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@4.0.0
aliases CVE-2017-16570, GHSA-q43c-g2g7-6gxj
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sw46-5p81-kqhv
5
url VCID-yynq-xbdy-2ff7
vulnerability_id VCID-yynq-xbdy-2ff7
summary
Authentication Weakness
Due to a bug in the default sign-in functionality, incomplete email addresses could be matched. A correct password is still required to complete sign-in.
references
fixed_packages
0
url pkg:npm/keystone@0.3.16
purl pkg:npm/keystone@0.3.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yxf-3ebk-nbeu
1
vulnerability VCID-m9p7-836k-pqfb
2
vulnerability VCID-ndu1-2s48-pucm
3
vulnerability VCID-sw46-5p81-kqhv
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@0.3.16
aliases GMS-2015-50
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yynq-xbdy-2ff7
Fixing_vulnerabilities
Risk_score 10.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/keystone@0.0.14