Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.ignite/ignite-core@1.0.0
Typemaven
Namespaceorg.apache.ignite
Nameignite-core
Version1.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.9.0
Latest_non_vulnerable_version2.6.0
Affected_by_vulnerabilities
0
url VCID-nfsq-9tkw-tqcs
vulnerability_id VCID-nfsq-9tkw-tqcs
summary 
Improper Input Validation
Spring Data Commons contains a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.
references
0
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1273
reference_id CVE-2018-1273
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-1273
1
reference_url https://pivotal.io/security/cve-2018-1273
reference_id CVE-2018-1273
reference_type
scores
url https://pivotal.io/security/cve-2018-1273
fixed_packages
0
url pkg:maven/org.apache.ignite/ignite-core@2.6.0
purl pkg:maven/org.apache.ignite/ignite-core@2.6.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.6.0
aliases CVE-2018-1273
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nfsq-9tkw-tqcs
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.0.0