Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/CefSharp.WinForms.NETCore@89.0.170
Typenuget
Namespace
NameCefSharp.WinForms.NETCore
Version89.0.170
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version134.3.90
Latest_non_vulnerable_version134.3.90
Affected_by_vulnerabilities
0
url VCID-57ne-vzp6-b7f4
vulnerability_id VCID-57ne-vzp6-b7f4
summary 
Use after free in Animation. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available.

There is currently little other public information on the issue other than it has been flagged as `High` severity.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0609
reference_id
reference_type
scores
0
value 0.39522
scoring_system epss
scoring_elements 0.9728
published_at 2026-04-01T12:55:00Z
1
value 0.39522
scoring_system epss
scoring_elements 0.9729
published_at 2026-04-07T12:55:00Z
2
value 0.39522
scoring_system epss
scoring_elements 0.97285
published_at 2026-04-02T12:55:00Z
3
value 0.42955
scoring_system epss
scoring_elements 0.97496
published_at 2026-04-18T12:55:00Z
4
value 0.42955
scoring_system epss
scoring_elements 0.97479
published_at 2026-04-08T12:55:00Z
5
value 0.42955
scoring_system epss
scoring_elements 0.9748
published_at 2026-04-09T12:55:00Z
6
value 0.42955
scoring_system epss
scoring_elements 0.97482
published_at 2026-04-11T12:55:00Z
7
value 0.42955
scoring_system epss
scoring_elements 0.97484
published_at 2026-04-12T12:55:00Z
8
value 0.42955
scoring_system epss
scoring_elements 0.97485
published_at 2026-04-13T12:55:00Z
9
value 0.42955
scoring_system epss
scoring_elements 0.97493
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0609
1
reference_url https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-03T14:23:25Z/
url https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html
2
reference_url https://crbug.com/1296150
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-03T14:23:25Z/
url https://crbug.com/1296150
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0603
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0603
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0604
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0605
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0606
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0607
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0607
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0608
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0608
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0609
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0609
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0610
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0610
11
reference_url https://github.com/cefsharp/CefSharp
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0609
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0609
13
reference_url https://github.com/advisories/GHSA-vv6j-ww6x-54gx
reference_id GHSA-vv6j-ww6x-54gx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vv6j-ww6x-54gx
14
reference_url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-vv6j-ww6x-54gx
reference_id GHSA-vv6j-ww6x-54gx
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-vv6j-ww6x-54gx
15
reference_url https://security.gentoo.org/glsa/202202-02
reference_id GLSA-202202-02
reference_type
scores
url https://security.gentoo.org/glsa/202202-02
fixed_packages
0
url pkg:nuget/CefSharp.WinForms.NETCore@98.1.210
purl pkg:nuget/CefSharp.WinForms.NETCore@98.1.210
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-u9e3-f1kh-nkgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.WinForms.NETCore@98.1.210
aliases CVE-2022-0609, GHSA-vv6j-ww6x-54gx, GMS-2022-140, GMS-2022-141, GMS-2022-142, GMS-2022-143, GMS-2022-144, GMS-2022-145, GMS-2022-146, GMS-2022-147, GMS-2022-148
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57ne-vzp6-b7f4
1
url VCID-u9e3-f1kh-nkgn
vulnerability_id VCID-u9e3-f1kh-nkgn
summary 
CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

https://nvd.nist.gov/vuln/detail/CVE-2025-2783
https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html
https://issues.chromium.org/issues/405143032
references
0
reference_url https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html
1
reference_url https://github.com/cefsharp/CefSharp
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp
2
reference_url https://github.com/cefsharp/CefSharp/releases/tag/v134.3.90
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/releases/tag/v134.3.90
3
reference_url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-f87w-3j5w-v58p
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-f87w-3j5w-v58p
4
reference_url https://issues.chromium.org/issues/405143032
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.chromium.org/issues/405143032
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-2783
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-2783
6
reference_url https://github.com/advisories/GHSA-f87w-3j5w-v58p
reference_id GHSA-f87w-3j5w-v58p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f87w-3j5w-v58p
fixed_packages
0
url pkg:nuget/CefSharp.WinForms.NETCore@134.3.90
purl pkg:nuget/CefSharp.WinForms.NETCore@134.3.90
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.WinForms.NETCore@134.3.90
aliases GHSA-f87w-3j5w-v58p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u9e3-f1kh-nkgn
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.WinForms.NETCore@89.0.170