Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-qdzd-s8a4-3fgm

Summary Transifex command-line client before 0.10 does not validate X.509 certificates for data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-2073.

Aliases

alias	CVE-2013-7110

alias	PYSEC-2014-72

Fixed_packages

url	pkg:pypi/transifex-client@0.11.0
purl	pkg:pypi/transifex-client@0.11.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.11.0

Affected_packages

url pkg:pypi/transifex-client@0.1

purl pkg:pypi/transifex-client@0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.1

url pkg:pypi/transifex-client@0.2

purl pkg:pypi/transifex-client@0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.2

url pkg:pypi/transifex-client@0.2.1

purl pkg:pypi/transifex-client@0.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.2.1

url pkg:pypi/transifex-client@0.3

purl pkg:pypi/transifex-client@0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.3

url pkg:pypi/transifex-client@0.4

purl pkg:pypi/transifex-client@0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.4

url pkg:pypi/transifex-client@0.4.1

purl pkg:pypi/transifex-client@0.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.4.1

url pkg:pypi/transifex-client@0.5

purl pkg:pypi/transifex-client@0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.5

url pkg:pypi/transifex-client@0.5.1

purl pkg:pypi/transifex-client@0.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.5.1

url pkg:pypi/transifex-client@0.5.2

purl pkg:pypi/transifex-client@0.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.5.2

url pkg:pypi/transifex-client@0.6

purl pkg:pypi/transifex-client@0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.6

url pkg:pypi/transifex-client@0.6.1

purl pkg:pypi/transifex-client@0.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.6.1

url pkg:pypi/transifex-client@0.7

purl pkg:pypi/transifex-client@0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.7

url pkg:pypi/transifex-client@0.7.2

purl pkg:pypi/transifex-client@0.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.7.2

url pkg:pypi/transifex-client@0.7.3

purl pkg:pypi/transifex-client@0.7.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.7.3

url pkg:pypi/transifex-client@0.8

purl pkg:pypi/transifex-client@0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.8

url pkg:pypi/transifex-client@0.9

purl pkg:pypi/transifex-client@0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.9

url pkg:pypi/transifex-client@0.9.1

purl pkg:pypi/transifex-client@0.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.9.1

url pkg:pypi/transifex-client@0.10

purl pkg:pypi/transifex-client@0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.10

url pkg:pypi/transifex-client@0.11b0

purl pkg:pypi/transifex-client@0.11b0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.11b0

url pkg:pypi/transifex-client@0.11b3

purl pkg:pypi/transifex-client@0.11b3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qdzd-s8a4-3fgm

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.11b3

References

reference_url	https://github.com/transifex/transifex-client/issues/42
reference_id
reference_type
scores
url	https://github.com/transifex/transifex-client/issues/42

reference_url	http://www.openwall.com/lists/oss-security/2013/12/13/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2013/12/13/5

reference_url	http://www.openwall.com/lists/oss-security/2013/12/15/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2013/12/15/3

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdzd-s8a4-3fgm

Vulnerability Instance