Package Instance
Lookup for vulnerable packages by Package URL.
Purl
pkg:pypi/roundup@2.5.0
Type
pypi
Namespace
Name
roundup
Version
2.5.0
Qualifiers
Subpath
Is_vulnerable
false
Next_non_vulnerable_version
null
Latest_non_vulnerable_version
null
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url
VCID-9ydc-txfc-pqe6
vulnerability_id
VCID-9ydc-txfc-pqe6
summary
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates (devel and responsive).
references
0
reference_url
https://github.com/pypa/advisory-database/tree/main/vulns/roundup/PYSEC-2025-69.yaml
reference_id
reference_type
scores
url
https://github.com/pypa/advisory-database/tree/main/vulns/roundup/PYSEC-2025-69.yaml
1
reference_url
https://github.com/roundup-tracker/roundup
reference_id
reference_type
scores
url
https://github.com/roundup-tracker/roundup
2
reference_url
https://github.com/roundup-tracker/roundup/commit/3b1f22f331d4798491bd4746dbaaa6cfbe972952
reference_id
reference_type
scores
url
https://github.com/roundup-tracker/roundup/commit/3b1f22f331d4798491bd4746dbaaa6cfbe972952
3
reference_url
https://github.com/roundup-tracker/roundup/commit/65ac8f4dcb03a9a36a67c3e98fdf79cbd2a0b3fb
reference_id
reference_type
scores
url
https://github.com/roundup-tracker/roundup/commit/65ac8f4dcb03a9a36a67c3e98fdf79cbd2a0b3fb
4
reference_url
https://www.roundup-tracker.org/docs/security.html
reference_id
reference_type
scores
url
https://www.roundup-tracker.org/docs/security.html
5
reference_url
https://www.roundup-tracker.org/docs/upgrading.html#cve-2025-53865
reference_id
reference_type
scores
url
https://www.roundup-tracker.org/docs/upgrading.html#cve-2025-53865
6
reference_url
https://nvd.nist.gov/vuln/detail/CVE-2025-53865
reference_id
CVE-2025-53865
reference_type
scores
url
https://nvd.nist.gov/vuln/detail/CVE-2025-53865
7
reference_url
https://github.com/advisories/GHSA-qxh9-qmf2-rhwc
reference_id
GHSA-qxh9-qmf2-rhwc
reference_type
scores
url
https://github.com/advisories/GHSA-qxh9-qmf2-rhwc
fixed_packages
0
url
pkg:pypi/roundup@2.5.0
purl
pkg:pypi/roundup@2.5.0
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/roundup@2.5.0
aliases
CVE-2025-53865, GHSA-qxh9-qmf2-rhwc, PYSEC-2025-69
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-9ydc-txfc-pqe6
Risk_score
null
Resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/roundup@2.5.0