Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/CefSharp.Common.NETCore@100.0.140
Typenuget
Namespace
NameCefSharp.Common.NETCore
Version100.0.140
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version117.2.20
Latest_non_vulnerable_version117.2.20
Affected_by_vulnerabilities
0
url VCID-1j1f-verc-bqb3
vulnerability_id VCID-1j1f-verc-bqb3
summary Improper Neutralization in CefSharp.Common.NETCore.
references
0
reference_url https://github.com/cefsharp/CefSharp
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp
1
reference_url https://github.com/cefsharp/CefSharp/commit/45e66f7c0f9094f2fd81ab57b37a9ed9576b51b8
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/commit/45e66f7c0f9094f2fd81ab57b37a9ed9576b51b8
2
reference_url https://github.com/advisories/GHSA-4c29-gfrp-g6x9
reference_id GHSA-4c29-gfrp-g6x9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4c29-gfrp-g6x9
3
reference_url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-4c29-gfrp-g6x9
reference_id GHSA-4c29-gfrp-g6x9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-4c29-gfrp-g6x9
fixed_packages
0
url pkg:nuget/CefSharp.Common.NETCore@117.2.20
purl pkg:nuget/CefSharp.Common.NETCore@117.2.20
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.Common.NETCore@117.2.20
aliases GHSA-4c29-gfrp-g6x9, GMS-2023-3094, GMS-2023-3096
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1j1f-verc-bqb3
1
url VCID-mkgf-y94b-uuae
vulnerability_id VCID-mkgf-y94b-uuae
summary 
CefSharp affected by heap buffer overflow in WebP
**Google is aware that an exploit for [CVE-2023-4863](https://www.cve.org/CVERecord?id=CVE-2023-4863) exists in the wild.**

### Description

Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

### References

- https://www.cve.org/CVERecord?id=CVE-2023-4863
- https://nvd.nist.gov/vuln/detail/CVE-2023-4863
- https://www.techtarget.com/searchsecurity/news/366551978/Browser-companies-patch-critical-zero-day-vulnerability
references
0
reference_url https://github.com/cefsharp/CefSharp
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp
1
reference_url https://github.com/cefsharp/CefSharp/commit/f2890ba66170afb0bf742839febe4d20449f758c
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/commit/f2890ba66170afb0bf742839febe4d20449f758c
2
reference_url https://github.com/cefsharp/CefSharp/releases/tag/v116.0.230
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/releases/tag/v116.0.230
3
reference_url https://github.com/advisories/GHSA-j646-gj5p-p45g
reference_id GHSA-j646-gj5p-p45g
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j646-gj5p-p45g
4
reference_url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-j646-gj5p-p45g
reference_id GHSA-j646-gj5p-p45g
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/cefsharp/CefSharp/security/advisories/GHSA-j646-gj5p-p45g
fixed_packages
0
url pkg:nuget/CefSharp.Common.NETCore@116.0.230
purl pkg:nuget/CefSharp.Common.NETCore@116.0.230
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j1f-verc-bqb3
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.Common.NETCore@116.0.230
aliases GHSA-j646-gj5p-p45g, GMS-2023-2464, GMS-2023-2465
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkgf-y94b-uuae
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.Common.NETCore@100.0.140