Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/transformers@4.21.1
Type pypi
Namespace
Name transformers
Version 4.21.1
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 4.36.0
Latest_non_vulnerable_version 4.36.0
Affected_by_vulnerabilities
0
url VCID-6wnz-1qbk-x3av
vulnerability_id VCID-6wnz-1qbk-x3av
summary Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
references
0
reference_url https://github.com/huggingface/transformers/commit/1d63b0ec361e7a38f1339385e8a5a855085532ce
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://github.com/huggingface/transformers/commit/1d63b0ec361e7a38f1339385e8a5a855085532ce
1
reference_url https://huntr.com/bounties/e1a3e548-e53a-48df-b708-9ee62140963c
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://huntr.com/bounties/e1a3e548-e53a-48df-b708-9ee62140963c
fixed_packages
0
url pkg:pypi/transformers@4.36.0
purl pkg:pypi/transformers@4.36.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transformers@4.36.0
aliases CVE-2023-7018, PYSEC-2023-301
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wnz-1qbk-x3av
1
url VCID-re51-pz3b-xbc5
vulnerability_id VCID-re51-pz3b-xbc5
summary Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
references
0
reference_url https://github.com/huggingface/transformers/commit/1d63b0ec361e7a38f1339385e8a5a855085532ce
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://github.com/huggingface/transformers/commit/1d63b0ec361e7a38f1339385e8a5a855085532ce
1
reference_url https://huntr.com/bounties/423611ee-7a2a-442a-babb-3ed2f8385c16
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://huntr.com/bounties/423611ee-7a2a-442a-babb-3ed2f8385c16
fixed_packages
0
url pkg:pypi/transformers@4.36.0
purl pkg:pypi/transformers@4.36.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transformers@4.36.0
aliases CVE-2023-6730, PYSEC-2023-300
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-re51-pz3b-xbc5
2
url VCID-smqc-ecxk-eqe6
vulnerability_id VCID-smqc-ecxk-eqe6
summary Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0.
references
0
reference_url https://github.com/huggingface/transformers/commit/80ca92470938bbcc348e2d9cf4734c7c25cb1c43
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://github.com/huggingface/transformers/commit/80ca92470938bbcc348e2d9cf4734c7c25cb1c43
1
reference_url https://huntr.dev/bounties/a3867b4e-6701-4418-8c20-3c6e7084a44a
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://huntr.dev/bounties/a3867b4e-6701-4418-8c20-3c6e7084a44a
fixed_packages
0
url pkg:pypi/transformers@4.30.0
purl pkg:pypi/transformers@4.30.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wnz-1qbk-x3av
1
vulnerability VCID-re51-pz3b-xbc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transformers@4.30.0
aliases CVE-2023-2800, PYSEC-2023-299
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-smqc-ecxk-eqe6
Fixing_vulnerabilities
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transformers@4.21.1