Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/webob@0.9.7
Type pypi
Namespace
Name webob
Version 0.9.7
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 1.8.8
Latest_non_vulnerable_version 1.8.8
Affected_by_vulnerabilities
0
url VCID-9bm9-9f5h-2yg5
vulnerability_id VCID-9bm9-9f5h-2yg5
summary WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. `urlparse` however treats a `//` at the start of a string as a URI without a scheme, and then treats the next part as the hostname. `urljoin` will then use that hostname from the second part as the hostname replacing the original one from the request. This vulnerability is patched in WebOb version 1.8.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42353.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42353.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-42353
reference_id
reference_type
scores
0
value 0.00242
scoring_system epss
scoring_elements 0.47508
published_at 2026-04-21T12:55:00Z
1
value 0.00263
scoring_system epss
scoring_elements 0.49755
published_at 2026-04-11T12:55:00Z
2
value 0.00263
scoring_system epss
scoring_elements 0.49708
published_at 2026-04-02T12:55:00Z
3
value 0.00263
scoring_system epss
scoring_elements 0.49775
published_at 2026-04-18T12:55:00Z
4
value 0.00263
scoring_system epss
scoring_elements 0.49728
published_at 2026-04-13T12:55:00Z
5
value 0.00263
scoring_system epss
scoring_elements 0.49727
published_at 2026-04-12T12:55:00Z
6
value 0.00263
scoring_system epss
scoring_elements 0.49736
published_at 2026-04-04T12:55:00Z
7
value 0.00263
scoring_system epss
scoring_elements 0.49688
published_at 2026-04-07T12:55:00Z
8
value 0.00263
scoring_system epss
scoring_elements 0.49743
published_at 2026-04-08T12:55:00Z
9
value 0.00263
scoring_system epss
scoring_elements 0.49737
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-42353
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42353
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/Pylons/webob
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Pylons/webob
5
reference_url https://github.com/Pylons/webob/commit/f689bcf4f0a1f64f1735b1d5069aef5be6974b5b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-15T14:02:15Z/
url https://github.com/Pylons/webob/commit/f689bcf4f0a1f64f1735b1d5069aef5be6974b5b
6
reference_url https://github.com/Pylons/webob/security/advisories/GHSA-mg3v-6m49-jhp3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-15T14:02:15Z/
url https://github.com/Pylons/webob/security/advisories/GHSA-mg3v-6m49-jhp3
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/webob/PYSEC-2024-188.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/webob/PYSEC-2024-188.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-42353
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-42353
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078879
reference_id 1078879
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078879
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2305004
reference_id 2305004
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2305004
11
reference_url https://github.com/advisories/GHSA-mg3v-6m49-jhp3
reference_id GHSA-mg3v-6m49-jhp3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mg3v-6m49-jhp3
12
reference_url https://access.redhat.com/errata/RHSA-2024:6775
reference_id RHSA-2024:6775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6775
13
reference_url https://access.redhat.com/errata/RHSA-2024:6827
reference_id RHSA-2024:6827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6827
14
reference_url https://access.redhat.com/errata/RHSA-2024:7590
reference_id RHSA-2024:7590
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7590
15
reference_url https://access.redhat.com/errata/RHSA-2024:9983
reference_id RHSA-2024:9983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9983
16
reference_url https://access.redhat.com/errata/RHSA-2024:9989
reference_id RHSA-2024:9989
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9989
17
reference_url https://access.redhat.com/errata/RHSA-2025:4664
reference_id RHSA-2025:4664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4664
18
reference_url https://access.redhat.com/errata/RHSA-2025:9775
reference_id RHSA-2025:9775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9775
19
reference_url https://usn.ubuntu.com/6984-1/
reference_id USN-6984-1
reference_type
scores
url https://usn.ubuntu.com/6984-1/
fixed_packages
0
url pkg:pypi/webob@1.8.8
purl pkg:pypi/webob@1.8.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/webob@1.8.8
aliases CVE-2024-42353, GHSA-mg3v-6m49-jhp3, PYSEC-2024-188
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9bm9-9f5h-2yg5
Fixing_vulnerabilities
Risk_score 3.1
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/webob@0.9.7