Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/ipsilon@1.2.1
Type pypi
Namespace
Name ipsilon
Version 1.2.1
Qualifiers
Subpath
Is_vulnerable false
Next_non_vulnerable_version 2.0.2
Latest_non_vulnerable_version 2.0.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-j7c7-5cjw-wqf9
vulnerability_id VCID-j7c7-5cjw-wqf9
summary
Session Fixation
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows an attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and terminate active sessions from other users. It is also called a "SAML2 multi-session vulnerability."
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2809.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2809.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:2809
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2809
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1392829
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1392829
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8638
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8638
4
reference_url https://ipsilon-project.org/release/2.1.0.html
reference_id
reference_type
scores
url https://ipsilon-project.org/release/2.1.0.html
5
reference_url https://pagure.io/ipsilon/c/511fa8b7001c2f9a42301aa1d4b85aaf170a461c
reference_id
reference_type
scores
url https://pagure.io/ipsilon/c/511fa8b7001c2f9a42301aa1d4b85aaf170a461c
6
reference_url http://www.securityfocus.com/bid/94439
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94439
7
reference_url https://access.redhat.com/security/cve/CVE-2016-8638
reference_id CVE-2016-8638
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2016-8638
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-8638
reference_id CVE-2016-8638
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-8638
9
reference_url https://ipsilon-project.org/advisory/CVE-2016-8638.txt
reference_id CVE-2016-8638.TXT
reference_type
scores
url https://ipsilon-project.org/advisory/CVE-2016-8638.txt
10
reference_url https://github.com/advisories/GHSA-376m-3rm2-9jm6
reference_id GHSA-376m-3rm2-9jm6
reference_type
scores
url https://github.com/advisories/GHSA-376m-3rm2-9jm6
fixed_packages
0
url pkg:pypi/ipsilon@1.0.3
purl pkg:pypi/ipsilon@1.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ipsilon@1.0.3
1
url pkg:pypi/ipsilon@1.1.2
purl pkg:pypi/ipsilon@1.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ipsilon@1.1.2
2
url pkg:pypi/ipsilon@1.2.1
purl pkg:pypi/ipsilon@1.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ipsilon@1.2.1
3
url pkg:pypi/ipsilon@2.0.2
purl pkg:pypi/ipsilon@2.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ipsilon@2.0.2
aliases CVE-2016-8638, GHSA-376m-3rm2-9jm6
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j7c7-5cjw-wqf9
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ipsilon@1.2.1