Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/py3-urllib3@1.26.18-r0?arch=ppc64le&distroversion=v3.15&reponame=main
Typeapk
Namespacealpine
Namepy3-urllib3
Version1.26.18-r0
Qualifiers
arch ppc64le
distroversion v3.15
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4evk-srqq-fuef
vulnerability_id VCID-4evk-srqq-fuef
summary urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body (like `POST`) to `GET` as is required by HTTP RFCs. Although this behavior is not specified in the section for redirects, it can be inferred by piecing together information from different sections and we have observed the behavior in other major HTTP client implementations like curl and web browsers. Because the vulnerability requires a previously trusted service to become compromised in order to have an impact on confidentiality we believe the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies, if this is the case then this vulnerability isn't exploitable. Both of the following conditions must be true to be affected by this vulnerability: 1. Using urllib3 and submitting sensitive information in the HTTP request body (such as form data or JSON) and 2. The origin service is compromised and starts redirecting using 301, 302, or 303 to a malicious peer or the redirected-to service becomes compromised. This issue has been addressed in versions 1.26.18 and 2.0.7 and users are advised to update to resolve this issue. Users unable to update should disable redirects for services that aren't expecting to respond with redirects with `redirects=False` and disable automatic redirects with `redirects=False` and handle 301, 302, and 303 redirects manually by stripping the HTTP request body.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45803.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45803.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45803
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.15748
published_at 2026-04-16T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.15824
published_at 2026-04-13T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.15944
published_at 2026-04-02T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.15931
published_at 2026-04-11T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.16009
published_at 2026-04-04T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.15807
published_at 2026-04-07T12:55:00Z
6
value 0.00051
scoring_system epss
scoring_elements 0.15893
published_at 2026-04-12T12:55:00Z
7
value 0.00051
scoring_system epss
scoring_elements 0.15954
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45803
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45803
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-212.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-212.yaml
5
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
6
reference_url https://github.com/urllib3/urllib3/commit/4e50fbc5db74e32cabd5ccc1ab81fc103adfe0b3
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/commit/4e50fbc5db74e32cabd5ccc1ab81fc103adfe0b3
7
reference_url https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9
8
reference_url https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36
9
reference_url https://github.com/urllib3/urllib3/releases/tag/1.26.18
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/releases/tag/1.26.18
10
reference_url https://github.com/urllib3/urllib3/releases/tag/2.0.7
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/releases/tag/2.0.7
11
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4
12
reference_url https://lists.debian.org/debian-lts-announce/2024/12/msg00020.html
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/12/msg00020.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/
17
reference_url https://www.rfc-editor.org/rfc/rfc9110.html#name-get
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://www.rfc-editor.org/rfc/rfc9110.html#name-get
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054226
reference_id 1054226
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054226
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2246840
reference_id 2246840
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2246840
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/
reference_id 4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5/
reference_id 5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:56:19Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5/
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-45803
reference_id CVE-2023-45803
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-45803
23
reference_url https://github.com/advisories/GHSA-g4mx-q9vg-27p4
reference_id GHSA-g4mx-q9vg-27p4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g4mx-q9vg-27p4
24
reference_url https://access.redhat.com/errata/RHSA-2023:7851
reference_id RHSA-2023:7851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7851
25
reference_url https://access.redhat.com/errata/RHSA-2024:0116
reference_id RHSA-2024:0116
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0116
26
reference_url https://access.redhat.com/errata/RHSA-2024:0300
reference_id RHSA-2024:0300
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0300
27
reference_url https://access.redhat.com/errata/RHSA-2024:0464
reference_id RHSA-2024:0464
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0464
28
reference_url https://access.redhat.com/errata/RHSA-2024:0588
reference_id RHSA-2024:0588
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0588
29
reference_url https://access.redhat.com/errata/RHSA-2024:11189
reference_id RHSA-2024:11189
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11189
30
reference_url https://access.redhat.com/errata/RHSA-2024:11238
reference_id RHSA-2024:11238
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11238
31
reference_url https://access.redhat.com/errata/RHSA-2024:1155
reference_id RHSA-2024:1155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1155
32
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
33
reference_url https://access.redhat.com/errata/RHSA-2024:2132
reference_id RHSA-2024:2132
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2132
34
reference_url https://access.redhat.com/errata/RHSA-2024:2734
reference_id RHSA-2024:2734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2734
35
reference_url https://access.redhat.com/errata/RHSA-2024:2952
reference_id RHSA-2024:2952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2952
36
reference_url https://access.redhat.com/errata/RHSA-2024:2968
reference_id RHSA-2024:2968
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2968
37
reference_url https://access.redhat.com/errata/RHSA-2024:2988
reference_id RHSA-2024:2988
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2988
38
reference_url https://access.redhat.com/errata/RHSA-2025:0078
reference_id RHSA-2025:0078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0078
39
reference_url https://access.redhat.com/errata/RHSA-2025:1793
reference_id RHSA-2025:1793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1793
40
reference_url https://access.redhat.com/errata/RHSA-2025:1813
reference_id RHSA-2025:1813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1813
41
reference_url https://usn.ubuntu.com/6473-1/
reference_id USN-6473-1
reference_type
scores
url https://usn.ubuntu.com/6473-1/
42
reference_url https://usn.ubuntu.com/6473-2/
reference_id USN-6473-2
reference_type
scores
url https://usn.ubuntu.com/6473-2/
43
reference_url https://usn.ubuntu.com/7762-1/
reference_id USN-7762-1
reference_type
scores
url https://usn.ubuntu.com/7762-1/
fixed_packages
0
url pkg:apk/alpine/py3-urllib3@1.26.18-r0?arch=ppc64le&distroversion=v3.15&reponame=main
purl pkg:apk/alpine/py3-urllib3@1.26.18-r0?arch=ppc64le&distroversion=v3.15&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/py3-urllib3@1.26.18-r0%3Farch=ppc64le&distroversion=v3.15&reponame=main
aliases CVE-2023-45803, GHSA-g4mx-q9vg-27p4, PYSEC-2023-212
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4evk-srqq-fuef
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/py3-urllib3@1.26.18-r0%3Farch=ppc64le&distroversion=v3.15&reponame=main