Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/CefSharp.Common.NETCore@87.1.132
Typenuget
Namespace
NameCefSharp.Common.NETCore
Version87.1.132
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version117.2.20
Latest_non_vulnerable_version117.2.20
Affected_by_vulnerabilities
0
url VCID-1j1f-verc-bqb3
vulnerability_id VCID-1j1f-verc-bqb3
summary Improper Neutralization in CefSharp.Common.NETCore.
references
0
reference_url https://github.com/cefsharp/CefSharp
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp
1
reference_url https://github.com/cefsharp/CefSharp/commit/45e66f7c0f9094f2fd81ab57b37a9ed9576b51b8
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/commit/45e66f7c0f9094f2fd81ab57b37a9ed9576b51b8
2
reference_url https://github.com/advisories/GHSA-4c29-gfrp-g6x9
reference_id GHSA-4c29-gfrp-g6x9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4c29-gfrp-g6x9
3
reference_url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-4c29-gfrp-g6x9
reference_id GHSA-4c29-gfrp-g6x9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-4c29-gfrp-g6x9
fixed_packages
0
url pkg:nuget/CefSharp.Common.NETCore@117.2.20
purl pkg:nuget/CefSharp.Common.NETCore@117.2.20
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.Common.NETCore@117.2.20
aliases GHSA-4c29-gfrp-g6x9, GMS-2023-3094, GMS-2023-3096
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1j1f-verc-bqb3
1
url VCID-57ne-vzp6-b7f4
vulnerability_id VCID-57ne-vzp6-b7f4
summary 
Use after free in Animation. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available.

There is currently little other public information on the issue other than it has been flagged as `High` severity.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0609
reference_id
reference_type
scores
0
value 0.39522
scoring_system epss
scoring_elements 0.9728
published_at 2026-04-01T12:55:00Z
1
value 0.39522
scoring_system epss
scoring_elements 0.9729
published_at 2026-04-07T12:55:00Z
2
value 0.39522
scoring_system epss
scoring_elements 0.97285
published_at 2026-04-02T12:55:00Z
3
value 0.42955
scoring_system epss
scoring_elements 0.97496
published_at 2026-04-18T12:55:00Z
4
value 0.42955
scoring_system epss
scoring_elements 0.97479
published_at 2026-04-08T12:55:00Z
5
value 0.42955
scoring_system epss
scoring_elements 0.9748
published_at 2026-04-09T12:55:00Z
6
value 0.42955
scoring_system epss
scoring_elements 0.97482
published_at 2026-04-11T12:55:00Z
7
value 0.42955
scoring_system epss
scoring_elements 0.97484
published_at 2026-04-12T12:55:00Z
8
value 0.42955
scoring_system epss
scoring_elements 0.97485
published_at 2026-04-13T12:55:00Z
9
value 0.42955
scoring_system epss
scoring_elements 0.97493
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0609
1
reference_url https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-03T14:23:25Z/
url https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html
2
reference_url https://crbug.com/1296150
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-03T14:23:25Z/
url https://crbug.com/1296150
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0603
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0603
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0604
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0605
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0606
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0607
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0607
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0608
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0608
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0609
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0609
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0610
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0610
11
reference_url https://github.com/cefsharp/CefSharp
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0609
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0609
13
reference_url https://github.com/advisories/GHSA-vv6j-ww6x-54gx
reference_id GHSA-vv6j-ww6x-54gx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vv6j-ww6x-54gx
14
reference_url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-vv6j-ww6x-54gx
reference_id GHSA-vv6j-ww6x-54gx
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-vv6j-ww6x-54gx
15
reference_url https://security.gentoo.org/glsa/202202-02
reference_id GLSA-202202-02
reference_type
scores
url https://security.gentoo.org/glsa/202202-02
fixed_packages
0
url pkg:nuget/CefSharp.Common.NETCore@98.1.210
purl pkg:nuget/CefSharp.Common.NETCore@98.1.210
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j1f-verc-bqb3
1
vulnerability VCID-mkgf-y94b-uuae
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.Common.NETCore@98.1.210
aliases CVE-2022-0609, GHSA-vv6j-ww6x-54gx, GMS-2022-140, GMS-2022-141, GMS-2022-142, GMS-2022-143, GMS-2022-144, GMS-2022-145, GMS-2022-146, GMS-2022-147, GMS-2022-148
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57ne-vzp6-b7f4
2
url VCID-mkgf-y94b-uuae
vulnerability_id VCID-mkgf-y94b-uuae
summary 
CefSharp affected by heap buffer overflow in WebP
**Google is aware that an exploit for [CVE-2023-4863](https://www.cve.org/CVERecord?id=CVE-2023-4863) exists in the wild.**

### Description

Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

### References

- https://www.cve.org/CVERecord?id=CVE-2023-4863
- https://nvd.nist.gov/vuln/detail/CVE-2023-4863
- https://www.techtarget.com/searchsecurity/news/366551978/Browser-companies-patch-critical-zero-day-vulnerability
references
0
reference_url https://github.com/cefsharp/CefSharp
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp
1
reference_url https://github.com/cefsharp/CefSharp/commit/f2890ba66170afb0bf742839febe4d20449f758c
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/commit/f2890ba66170afb0bf742839febe4d20449f758c
2
reference_url https://github.com/cefsharp/CefSharp/releases/tag/v116.0.230
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/releases/tag/v116.0.230
3
reference_url https://github.com/advisories/GHSA-j646-gj5p-p45g
reference_id GHSA-j646-gj5p-p45g
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j646-gj5p-p45g
4
reference_url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-j646-gj5p-p45g
reference_id GHSA-j646-gj5p-p45g
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-j646-gj5p-p45g
fixed_packages
0
url pkg:nuget/CefSharp.Common.NETCore@116.0.230
purl pkg:nuget/CefSharp.Common.NETCore@116.0.230
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j1f-verc-bqb3
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.Common.NETCore@116.0.230
aliases GHSA-j646-gj5p-p45g, GMS-2023-2464, GMS-2023-2465
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkgf-y94b-uuae
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.Common.NETCore@87.1.132