Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/growl@1.10.2
Typenpm
Namespace
Namegrowl
Version1.10.2
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-14s5-v9gb-hkhp
vulnerability_id VCID-14s5-v9gb-hkhp
summary 
Command Injection
Growl does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.
references
0
reference_url https://github.com/tj/node-growl/issues/60
reference_id
reference_type
scores
url https://github.com/tj/node-growl/issues/60
1
reference_url https://github.com/tj/node-growl/pull/61
reference_id
reference_type
scores
url https://github.com/tj/node-growl/pull/61
fixed_packages
0
url pkg:npm/growl@1.10.2
purl pkg:npm/growl@1.10.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/growl@1.10.2
aliases GMS-2016-47
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-14s5-v9gb-hkhp
1
url VCID-ft5f-6f5r-gyb6
vulnerability_id VCID-ft5f-6f5r-gyb6
summary 
OS Command Injection
Growl does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.
references
0
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900868
reference_id 900868
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900868
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-16042
reference_id CVE-2017-16042
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-16042
fixed_packages
0
url pkg:npm/growl@1.10.2
purl pkg:npm/growl@1.10.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/growl@1.10.2
aliases CVE-2017-16042
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ft5f-6f5r-gyb6
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/growl@1.10.2