Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/spree@2.3.8
Typegem
Namespace
Namespree
Version2.3.8
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.4.5
Latest_non_vulnerable_version3.0.5
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-s4mu-v75h-dfep
vulnerability_id VCID-s4mu-v75h-dfep
summary 
Private information access through CSRF
A vulnerability in the API can allow an attacker to commit CSRF gaining access to private information.
references
0
reference_url http://osvdb.org/show/osvdb/119205
reference_id
reference_type
scores
url http://osvdb.org/show/osvdb/119205
1
reference_url https://spreecommerce.com/blog/security-updates-2015-3-3
reference_id
reference_type
scores
url https://spreecommerce.com/blog/security-updates-2015-3-3
fixed_packages
0
url pkg:gem/spree@2.2.10
purl pkg:gem/spree@2.2.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/spree@2.2.10
1
url pkg:gem/spree@2.3.8
purl pkg:gem/spree@2.3.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/spree@2.3.8
2
url pkg:gem/spree@2.4.5
purl pkg:gem/spree@2.4.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/spree@2.4.5
3
url pkg:gem/spree@3.0.0.rc4
purl pkg:gem/spree@3.0.0.rc4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/spree@3.0.0.rc4
aliases OSVDB-119205
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s4mu-v75h-dfep
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/spree@2.3.8