Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-kqgv-6uaw-wbg8

Summary Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element.

Aliases

alias	CVE-2010-2480

alias	PYSEC-2010-1

Fixed_packages

url pkg:pypi/mako@0.3.4

purl pkg:pypi/mako@0.3.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.3.4

Affected_packages

url pkg:pypi/mako@0.1.0

purl pkg:pypi/mako@0.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.0

url pkg:pypi/mako@0.1.1

purl pkg:pypi/mako@0.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.1

url pkg:pypi/mako@0.1.2

purl pkg:pypi/mako@0.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.2

url pkg:pypi/mako@0.1.3

purl pkg:pypi/mako@0.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.3

url pkg:pypi/mako@0.1.4

purl pkg:pypi/mako@0.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.4

url pkg:pypi/mako@0.1.5

purl pkg:pypi/mako@0.1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.5

url pkg:pypi/mako@0.1.6

purl pkg:pypi/mako@0.1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.6

url pkg:pypi/mako@0.1.7

purl pkg:pypi/mako@0.1.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.7

url pkg:pypi/mako@0.1.8

purl pkg:pypi/mako@0.1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.8

url pkg:pypi/mako@0.1.9

purl pkg:pypi/mako@0.1.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.9

url pkg:pypi/mako@0.1.10

purl pkg:pypi/mako@0.1.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.10

url pkg:pypi/mako@0.2.0

purl pkg:pypi/mako@0.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.0

url pkg:pypi/mako@0.2.1

purl pkg:pypi/mako@0.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.1

url pkg:pypi/mako@0.2.2

purl pkg:pypi/mako@0.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.2

url pkg:pypi/mako@0.2.3

purl pkg:pypi/mako@0.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.3

url pkg:pypi/mako@0.2.4

purl pkg:pypi/mako@0.2.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.4

url pkg:pypi/mako@0.2.5

purl pkg:pypi/mako@0.2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.5

url pkg:pypi/mako@0.3.0

purl pkg:pypi/mako@0.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.3.0

url pkg:pypi/mako@0.3.1

purl pkg:pypi/mako@0.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.3.1

url pkg:pypi/mako@0.3.2

purl pkg:pypi/mako@0.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.3.2

url pkg:pypi/mako@0.3.3

purl pkg:pypi/mako@0.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7157-v8k4-gbbx

vulnerability	VCID-78vq-wbe5-aygj

vulnerability	VCID-kqgv-6uaw-wbg8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.3.3

References

reference_url	http://bugs.python.org/issue9061
reference_id
reference_type
scores
url	http://bugs.python.org/issue9061

reference_url	http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html

reference_url	http://secunia.com/advisories/39935
reference_id
reference_type
scores
url	http://secunia.com/advisories/39935

reference_url	http://www.makotemplates.org/CHANGES
reference_id
reference_type
scores
url	http://www.makotemplates.org/CHANGES

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kqgv-6uaw-wbg8

Vulnerability Instance