Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-84eq-cq89-9qhm

Summary

Modification of Assumed-Immutable Data (MAID)
Prototype pollution attack through jQuery $.extend

Aliases

alias	CVE-2019-11358

alias	GHSA-6c3j-c64m-qhgq

Fixed_packages

url pkg:composer/drupal/core@8.0.0

purl pkg:composer/drupal/core@8.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2989-fmjz-nkby

vulnerability	VCID-2fas-m6vh-myhc

vulnerability	VCID-2t34-82p3-73c3

vulnerability	VCID-31qy-vagp-83b6

vulnerability	VCID-3xk4-qwaq-5yaj

vulnerability	VCID-4dpp-gg2v-q3et

vulnerability	VCID-56ze-2yw2-bfh8

vulnerability	VCID-5c5c-m7ba-kqct

vulnerability	VCID-7v89-2sss-hfaz

vulnerability	VCID-9nk8-dban-g7h9

vulnerability	VCID-a3s2-c4k2-4ufn

vulnerability	VCID-a4u4-ga84-wyf9

vulnerability	VCID-a7ss-tkb6-gkge

vulnerability	VCID-ah3h-t9qa-gudr

vulnerability	VCID-ard5-3cjv-1beu

vulnerability	VCID-asm8-guag-b3ep

vulnerability	VCID-avmn-kqky-83dd

vulnerability	VCID-ay6b-1a7z-qkas

vulnerability	VCID-bq2j-t19h-zyad

vulnerability	VCID-dav9-pgdh-8yey

vulnerability	VCID-dyhz-g3nv-yuc3

vulnerability	VCID-e12q-qavs-qybu

vulnerability	VCID-e8un-nbkk-cbf9

vulnerability	VCID-egtv-y9w1-skgr

vulnerability	VCID-jrhg-3271-tqdy

vulnerability	VCID-kzrs-mrga-nyej

vulnerability	VCID-mm13-6dhq-nqfb

vulnerability	VCID-myja-t33q-q3cv

vulnerability	VCID-nacy-y1qt-5yhb

vulnerability	VCID-ng6g-hvc2-bkg4

vulnerability	VCID-p54u-b18k-jyft

vulnerability	VCID-pgnc-fq4m-3kaz

vulnerability	VCID-pmmq-8s2m-h7dp

vulnerability	VCID-pnme-dc73-efcb

vulnerability	VCID-qsuc-53pg-zkda

vulnerability	VCID-rd4g-h1j9-23cb

vulnerability	VCID-rsc6-y1uv-6bfq

vulnerability	VCID-t89y-c9hq-9bhk

vulnerability	VCID-ta99-gcmk-2qc8

vulnerability	VCID-tpzm-u3qp-akc8

vulnerability	VCID-w4ks-ufnz-vfav

vulnerability	VCID-wapd-e3mu-sffn

vulnerability	VCID-wsv7-je8g-sqet

vulnerability	VCID-wszp-2es5-z7fy

vulnerability	VCID-x34m-u169-1bce

vulnerability	VCID-y1nb-prqc-suaj

vulnerability	VCID-yq4q-hydz-vuga

vulnerability	VCID-yygb-pp11-5udj

vulnerability	VCID-zqer-y4s4-hqhy

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.0.0

url	pkg:composer/drupal/core@8.5.15
purl	pkg:composer/drupal/core@8.5.15
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.15

url	pkg:composer/drupal/core@8.6.15
purl	pkg:composer/drupal/core@8.6.15
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.15

url	pkg:composer/maximebf/debugbar@1.19.0
purl	pkg:composer/maximebf/debugbar@1.19.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/maximebf/debugbar@1.19.0

url	pkg:gem/jquery-rails@4.3.4
purl	pkg:gem/jquery-rails@4.3.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/jquery-rails@4.3.4

url	pkg:gem/rdoc@6.1.2
purl	pkg:gem/rdoc@6.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rdoc@6.1.2

url	pkg:maven/org.webjars.npm/jquery@3.4.0
purl	pkg:maven/org.webjars.npm/jquery@3.4.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.webjars.npm/jquery@3.4.0

url	pkg:npm/jquery@3.4.0
purl	pkg:npm/jquery@3.4.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:npm/jquery@3.4.0

url	pkg:nuget/jQuery@3.4.0
purl	pkg:nuget/jQuery@3.4.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/jQuery@3.4.0

url pkg:pypi/django@2.1.9

purl pkg:pypi/django@2.1.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mfy-uj9u-d7de

vulnerability	VCID-9mpt-zxaw-kkeg

vulnerability	VCID-c3m7-fu62-2qd9

vulnerability	VCID-g44a-m54u-97cr

vulnerability	VCID-gfar-wbzc-3ubr

vulnerability	VCID-pgtx-cdua-kfb4

vulnerability	VCID-yreb-z7nz-jkbs

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.9

url pkg:pypi/django@2.2.2

purl pkg:pypi/django@2.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mfy-uj9u-d7de

vulnerability	VCID-4cp2-k4mn-8ffj

vulnerability	VCID-51tx-4tp9-kbcz

vulnerability	VCID-5q58-pzt4-8uey

vulnerability	VCID-6jpg-yrf8-cufy

vulnerability	VCID-9end-mq19-rke5

vulnerability	VCID-9mpt-zxaw-kkeg

vulnerability	VCID-attf-6gj8-ebaj

vulnerability	VCID-c3m7-fu62-2qd9

vulnerability	VCID-drwp-htkk-bkfh

vulnerability	VCID-fhp8-tck4-mye4

vulnerability	VCID-fksk-pr23-2yd8

vulnerability	VCID-g44a-m54u-97cr

vulnerability	VCID-gfar-wbzc-3ubr

vulnerability	VCID-hh9b-52xn-z7a9

vulnerability	VCID-j81e-su1y-tqa6

vulnerability	VCID-m4wa-xv9b-q7ce

vulnerability	VCID-n9vn-4uxr-hkau

vulnerability	VCID-na9w-xkvx-cbhd

vulnerability	VCID-nss9-1yrb-x7f2

vulnerability	VCID-pgtx-cdua-kfb4

vulnerability	VCID-q8r2-m9s6-rbek

vulnerability	VCID-qvfs-2v1h-p3h4

vulnerability	VCID-u9q1-63gf-7feh

vulnerability	VCID-vdpf-jddk-syda

vulnerability	VCID-yreb-z7nz-jkbs

vulnerability	VCID-z4x1-e7tp-rqhz

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.2

Affected_packages

url pkg:composer/drupal/core@7.0.0

purl pkg:composer/drupal/core@7.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2g67-a42m-qfbh

vulnerability	VCID-6rtn-zphz-sydn

vulnerability	VCID-84eq-cq89-9qhm

vulnerability	VCID-9nk8-dban-g7h9

vulnerability	VCID-a3s2-c4k2-4ufn

vulnerability	VCID-a4u4-ga84-wyf9

vulnerability	VCID-a7ss-tkb6-gkge

vulnerability	VCID-bge7-rqsx-gfee

vulnerability	VCID-e12q-qavs-qybu

vulnerability	VCID-e69p-v2ws-vufj

vulnerability	VCID-e8un-nbkk-cbf9

vulnerability	VCID-ey9c-4yhy-3qa5

vulnerability	VCID-mscp-wvvx-zfh3

vulnerability	VCID-n5n3-p5yy-13d9

vulnerability	VCID-pmmq-8s2m-h7dp

vulnerability	VCID-qsuc-53pg-zkda

vulnerability	VCID-tpzm-u3qp-akc8

vulnerability	VCID-wsv7-je8g-sqet

vulnerability	VCID-wszp-2es5-z7fy

vulnerability	VCID-x34m-u169-1bce

vulnerability	VCID-yygb-pp11-5udj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@7.0.0

url pkg:composer/drupal/core@8.5.0

purl pkg:composer/drupal/core@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4dpp-gg2v-q3et

vulnerability	VCID-84eq-cq89-9qhm

vulnerability	VCID-a4u4-ga84-wyf9

vulnerability	VCID-e69p-v2ws-vufj

vulnerability	VCID-pmmq-8s2m-h7dp

vulnerability	VCID-y1nb-prqc-suaj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.0

url pkg:composer/drupal/core@8.6.0

purl pkg:composer/drupal/core@8.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6c6t-kmb3-2qcm

vulnerability	VCID-84eq-cq89-9qhm

vulnerability	VCID-9nk8-dban-g7h9

vulnerability	VCID-e69p-v2ws-vufj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.0

url pkg:maven/org.webjars.npm/jquery@1.1.4

purl pkg:maven/org.webjars.npm/jquery@1.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-84eq-cq89-9qhm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.webjars.npm/jquery@1.1.4

url pkg:npm/jquery@1.1.4

purl pkg:npm/jquery@1.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-84eq-cq89-9qhm

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/jquery@1.1.4

url pkg:nuget/jQuery@1.1.4

purl pkg:nuget/jQuery@1.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-84eq-cq89-9qhm

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/jQuery@1.1.4

url pkg:pypi/django@2.0a1

purl pkg:pypi/django@2.0a1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-84eq-cq89-9qhm

vulnerability	VCID-9mpt-zxaw-kkeg

vulnerability	VCID-c58g-7jpv-t7hc

vulnerability	VCID-f1br-hvnm-wfdg

vulnerability	VCID-wch3-d92x-sudf

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0a1

url pkg:pypi/django@2.2a1

purl pkg:pypi/django@2.2a1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6jpg-yrf8-cufy

vulnerability	VCID-84eq-cq89-9qhm

vulnerability	VCID-9mpt-zxaw-kkeg

vulnerability	VCID-kbab-v2gz-dfe6

vulnerability	VCID-n9vn-4uxr-hkau

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2a1

References

reference_url	https://access.redhat.com/errata/RHBA-2019:1570
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:1570

reference_url	https://access.redhat.com/errata/RHSA-2019:1456
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1456

reference_url	https://access.redhat.com/errata/RHSA-2019:2587
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2587

reference_url	https://access.redhat.com/errata/RHSA-2019:3023
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3023

reference_url	https://access.redhat.com/errata/RHSA-2019:3024
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3024

reference_url	https://backdropcms.org/security/backdrop-sa-core-2019-009
reference_id
reference_type
scores
url	https://backdropcms.org/security/backdrop-sa-core-2019-009

reference_url	https://blog.jquery.com/2019/04/10/jquery-3-4-0-released
reference_id
reference_type
scores
url	https://blog.jquery.com/2019/04/10/jquery-3-4-0-released

reference_url	https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
reference_id
reference_type
scores
url	https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/

reference_url	https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f
reference_id
reference_type
scores
url	https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f

reference_url	https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829
reference_id
reference_type
scores
url	https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829

reference_url	https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad
reference_id
reference_type
scores
url	https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad

reference_url	https://github.com/jquery/jquery
reference_id
reference_type
scores
url	https://github.com/jquery/jquery

reference_url	https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b
reference_id
reference_type
scores
url	https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

reference_url	https://github.com/jquery/jquery/pull/4333
reference_id
reference_type
scores
url	https://github.com/jquery/jquery/pull/4333

reference_url	https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc
reference_id
reference_type
scores
url	https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc

reference_url	https://github.com/maximebf/php-debugbar/issues/447
reference_id
reference_type
scores
url	https://github.com/maximebf/php-debugbar/issues/447

reference_url	https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434
reference_id
reference_type
scores
url	https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434

reference_url

https://hackerone.com/reports/454365

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements

url

https://hackerone.com/reports/454365

reference_url	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
reference_id
reference_type
scores
url	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601

reference_url	https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E

reference_url	https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E

reference_url	https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E

reference_url	https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E

reference_url	https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E

reference_url	https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E

reference_url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html

reference_url	https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5

reference_url	https://seclists.org/bugtraq/2019/Apr/32
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Apr/32

reference_url	https://seclists.org/bugtraq/2019/Jun/12
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Jun/12

reference_url	https://seclists.org/bugtraq/2019/May/18
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/May/18

reference_url	https://security.netapp.com/advisory/ntap-20190919-0001
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190919-0001

reference_url	https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226
reference_id
reference_type
scores
url	https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226

reference_url	https://snyk.io/vuln/SNYK-JS-JQUERY-174006
reference_id
reference_type
scores
url	https://snyk.io/vuln/SNYK-JS-JQUERY-174006

reference_url	https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1
reference_id
reference_type
scores
url	https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1

reference_url	https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023
reference_id
reference_type
scores
url	https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023

reference_url	https://www.debian.org/security/2019/dsa-4434
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4434

reference_url	https://www.debian.org/security/2019/dsa-4460
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4460

reference_url	https://www.djangoproject.com/weblog/2019/jun/03/security-releases
reference_id
reference_type
scores
url	https://www.djangoproject.com/weblog/2019/jun/03/security-releases

reference_url	https://www.drupal.org/sa-core-2019-006
reference_id
reference_type
scores
url	https://www.drupal.org/sa-core-2019-006

reference_url	https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url	https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url	https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2020.html

reference_url	https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2021.html

reference_url	https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2022.html

reference_url	https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
url	https://www.oracle.com//security-alerts/cpujul2021.html

reference_url	https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery
reference_id
reference_type
scores
url	https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery

reference_url	https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
url	https://www.synology.com/security/advisory/Synology_SA_19_19

reference_url	https://www.tenable.com/security/tns-2019-08
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2019-08

reference_url	https://www.tenable.com/security/tns-2020-02
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2020-02

100

reference_url	http://www.securityfocus.com/bid/108023
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/108023

101

reference_url

https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json

reference_id

496

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements

url

https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json

102

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-11358
reference_id	CVE-2019-11358
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-11358

103

reference_url	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml
reference_id	CVE-2019-11358.YML
reference_type
scores
url	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml

104

reference_url	https://github.com/advisories/GHSA-6c3j-c64m-qhgq
reference_id	GHSA-6c3j-c64m-qhgq
reference_type
scores
url	https://github.com/advisories/GHSA-6c3j-c64m-qhgq

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1321
name	Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
description	The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

Exploits

Severity_range_score 5.6 - 5.6

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84eq-cq89-9qhm

Vulnerability Instance