Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ac31-t3u6-cfap
SummarySalt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.
Aliases
0
alias CVE-2016-1866
1
alias GHSA-vqh4-crjf-jjxx
2
alias PYSEC-2016-23
Fixed_packages
0
url pkg:pypi/salt@2015.8.4
purl pkg:pypi/salt@2015.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ds7-ga65-r3b6
1
vulnerability VCID-2h9s-fgnc-1qeg
2
vulnerability VCID-3xs9-ym4e-fyag
3
vulnerability VCID-47u4-vdsp-c3ct
4
vulnerability VCID-48tt-fe7z-ybfb
5
vulnerability VCID-58p2-6c4u-tybp
6
vulnerability VCID-5hr1-5aec-43h3
7
vulnerability VCID-65p4-5x86-y3fj
8
vulnerability VCID-6cfw-9xe8-43d6
9
vulnerability VCID-7mam-gwcp-8kdm
10
vulnerability VCID-8ghn-kbm9-sfas
11
vulnerability VCID-8mpz-ke16-fbej
12
vulnerability VCID-a8kw-uehx-xfg5
13
vulnerability VCID-bxh1-y9mk-3ygg
14
vulnerability VCID-ce2x-ehyk-nufk
15
vulnerability VCID-cubj-wrbp-1qbu
16
vulnerability VCID-e6kv-phwy-vfef
17
vulnerability VCID-e8qc-mktf-gyam
18
vulnerability VCID-gafc-bb59-9yhb
19
vulnerability VCID-h4tm-9wqz-1qge
20
vulnerability VCID-hgv6-czxs-cfbc
21
vulnerability VCID-j5th-837s-fkft
22
vulnerability VCID-jbea-m4ak-tqd7
23
vulnerability VCID-jyxg-h3a9-8ygv
24
vulnerability VCID-k1gu-khda-jyeb
25
vulnerability VCID-kapu-yvhn-ybhw
26
vulnerability VCID-mbpz-g2vs-tqc1
27
vulnerability VCID-neby-tsrt-ryg5
28
vulnerability VCID-nehw-r7zm-j7bb
29
vulnerability VCID-p4xa-ks7v-wbay
30
vulnerability VCID-qgqk-f1g2-7fbz
31
vulnerability VCID-reer-fk1f-tkbj
32
vulnerability VCID-saff-gz5j-8kex
33
vulnerability VCID-v43a-k2bg-wkbz
34
vulnerability VCID-w2qv-hbsf-xyfh
35
vulnerability VCID-xccs-pwhb-nuce
36
vulnerability VCID-znn9-qud3-wqat
37
vulnerability VCID-zter-3e3b-7yfb
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2015.8.4
Affected_packages
0
url pkg:pypi/salt@2015.8.0rc1
purl pkg:pypi/salt@2015.8.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ds7-ga65-r3b6
1
vulnerability VCID-2h9s-fgnc-1qeg
2
vulnerability VCID-3xs9-ym4e-fyag
3
vulnerability VCID-47u4-vdsp-c3ct
4
vulnerability VCID-48tt-fe7z-ybfb
5
vulnerability VCID-58p2-6c4u-tybp
6
vulnerability VCID-5hr1-5aec-43h3
7
vulnerability VCID-65p4-5x86-y3fj
8
vulnerability VCID-6cfw-9xe8-43d6
9
vulnerability VCID-7mam-gwcp-8kdm
10
vulnerability VCID-8ghn-kbm9-sfas
11
vulnerability VCID-8mpz-ke16-fbej
12
vulnerability VCID-a8kw-uehx-xfg5
13
vulnerability VCID-ac31-t3u6-cfap
14
vulnerability VCID-az3x-2atn-pqh4
15
vulnerability VCID-ce2x-ehyk-nufk
16
vulnerability VCID-cubj-wrbp-1qbu
17
vulnerability VCID-e6kv-phwy-vfef
18
vulnerability VCID-e8qc-mktf-gyam
19
vulnerability VCID-gafc-bb59-9yhb
20
vulnerability VCID-h4tm-9wqz-1qge
21
vulnerability VCID-hgv6-czxs-cfbc
22
vulnerability VCID-j5th-837s-fkft
23
vulnerability VCID-jbea-m4ak-tqd7
24
vulnerability VCID-jyxg-h3a9-8ygv
25
vulnerability VCID-k1gu-khda-jyeb
26
vulnerability VCID-kapu-yvhn-ybhw
27
vulnerability VCID-mbpz-g2vs-tqc1
28
vulnerability VCID-neby-tsrt-ryg5
29
vulnerability VCID-nehw-r7zm-j7bb
30
vulnerability VCID-p4xa-ks7v-wbay
31
vulnerability VCID-qgqk-f1g2-7fbz
32
vulnerability VCID-reer-fk1f-tkbj
33
vulnerability VCID-saff-gz5j-8kex
34
vulnerability VCID-v43a-k2bg-wkbz
35
vulnerability VCID-w2qv-hbsf-xyfh
36
vulnerability VCID-xccs-pwhb-nuce
37
vulnerability VCID-znn9-qud3-wqat
38
vulnerability VCID-zter-3e3b-7yfb
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2015.8.0rc1
1
url pkg:pypi/salt@2015.8.0
purl pkg:pypi/salt@2015.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ds7-ga65-r3b6
1
vulnerability VCID-2h9s-fgnc-1qeg
2
vulnerability VCID-3xs9-ym4e-fyag
3
vulnerability VCID-47u4-vdsp-c3ct
4
vulnerability VCID-48tt-fe7z-ybfb
5
vulnerability VCID-58p2-6c4u-tybp
6
vulnerability VCID-5hr1-5aec-43h3
7
vulnerability VCID-65p4-5x86-y3fj
8
vulnerability VCID-6cfw-9xe8-43d6
9
vulnerability VCID-7mam-gwcp-8kdm
10
vulnerability VCID-8ghn-kbm9-sfas
11
vulnerability VCID-8mpz-ke16-fbej
12
vulnerability VCID-a8kw-uehx-xfg5
13
vulnerability VCID-ac31-t3u6-cfap
14
vulnerability VCID-az3x-2atn-pqh4
15
vulnerability VCID-bxh1-y9mk-3ygg
16
vulnerability VCID-ce2x-ehyk-nufk
17
vulnerability VCID-cubj-wrbp-1qbu
18
vulnerability VCID-e6kv-phwy-vfef
19
vulnerability VCID-e8qc-mktf-gyam
20
vulnerability VCID-ft7d-u3qu-7kf8
21
vulnerability VCID-gafc-bb59-9yhb
22
vulnerability VCID-h4tm-9wqz-1qge
23
vulnerability VCID-hgv6-czxs-cfbc
24
vulnerability VCID-j5th-837s-fkft
25
vulnerability VCID-jbea-m4ak-tqd7
26
vulnerability VCID-jyxg-h3a9-8ygv
27
vulnerability VCID-k1gu-khda-jyeb
28
vulnerability VCID-kapu-yvhn-ybhw
29
vulnerability VCID-mbpz-g2vs-tqc1
30
vulnerability VCID-neby-tsrt-ryg5
31
vulnerability VCID-nehw-r7zm-j7bb
32
vulnerability VCID-p4xa-ks7v-wbay
33
vulnerability VCID-qgqk-f1g2-7fbz
34
vulnerability VCID-reer-fk1f-tkbj
35
vulnerability VCID-saff-gz5j-8kex
36
vulnerability VCID-v43a-k2bg-wkbz
37
vulnerability VCID-w2qv-hbsf-xyfh
38
vulnerability VCID-xccs-pwhb-nuce
39
vulnerability VCID-znn9-qud3-wqat
40
vulnerability VCID-zter-3e3b-7yfb
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2015.8.0
2
url pkg:pypi/salt@2015.8.1
purl pkg:pypi/salt@2015.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ds7-ga65-r3b6
1
vulnerability VCID-2h9s-fgnc-1qeg
2
vulnerability VCID-3xs9-ym4e-fyag
3
vulnerability VCID-47u4-vdsp-c3ct
4
vulnerability VCID-48tt-fe7z-ybfb
5
vulnerability VCID-58p2-6c4u-tybp
6
vulnerability VCID-5hr1-5aec-43h3
7
vulnerability VCID-65p4-5x86-y3fj
8
vulnerability VCID-6cfw-9xe8-43d6
9
vulnerability VCID-7mam-gwcp-8kdm
10
vulnerability VCID-8ghn-kbm9-sfas
11
vulnerability VCID-8mpz-ke16-fbej
12
vulnerability VCID-a8kw-uehx-xfg5
13
vulnerability VCID-ac31-t3u6-cfap
14
vulnerability VCID-az3x-2atn-pqh4
15
vulnerability VCID-bxh1-y9mk-3ygg
16
vulnerability VCID-ce2x-ehyk-nufk
17
vulnerability VCID-cubj-wrbp-1qbu
18
vulnerability VCID-e6kv-phwy-vfef
19
vulnerability VCID-e8qc-mktf-gyam
20
vulnerability VCID-gafc-bb59-9yhb
21
vulnerability VCID-h4tm-9wqz-1qge
22
vulnerability VCID-hgv6-czxs-cfbc
23
vulnerability VCID-j5th-837s-fkft
24
vulnerability VCID-jbea-m4ak-tqd7
25
vulnerability VCID-jyxg-h3a9-8ygv
26
vulnerability VCID-k1gu-khda-jyeb
27
vulnerability VCID-kapu-yvhn-ybhw
28
vulnerability VCID-mbpz-g2vs-tqc1
29
vulnerability VCID-neby-tsrt-ryg5
30
vulnerability VCID-nehw-r7zm-j7bb
31
vulnerability VCID-p4xa-ks7v-wbay
32
vulnerability VCID-qgqk-f1g2-7fbz
33
vulnerability VCID-reer-fk1f-tkbj
34
vulnerability VCID-saff-gz5j-8kex
35
vulnerability VCID-v43a-k2bg-wkbz
36
vulnerability VCID-w2qv-hbsf-xyfh
37
vulnerability VCID-xccs-pwhb-nuce
38
vulnerability VCID-znn9-qud3-wqat
39
vulnerability VCID-zter-3e3b-7yfb
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2015.8.1
3
url pkg:pypi/salt@2015.8.2
purl pkg:pypi/salt@2015.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ds7-ga65-r3b6
1
vulnerability VCID-2h9s-fgnc-1qeg
2
vulnerability VCID-3xs9-ym4e-fyag
3
vulnerability VCID-47u4-vdsp-c3ct
4
vulnerability VCID-48tt-fe7z-ybfb
5
vulnerability VCID-58p2-6c4u-tybp
6
vulnerability VCID-5hr1-5aec-43h3
7
vulnerability VCID-65p4-5x86-y3fj
8
vulnerability VCID-6cfw-9xe8-43d6
9
vulnerability VCID-7mam-gwcp-8kdm
10
vulnerability VCID-8ghn-kbm9-sfas
11
vulnerability VCID-8mpz-ke16-fbej
12
vulnerability VCID-a8kw-uehx-xfg5
13
vulnerability VCID-ac31-t3u6-cfap
14
vulnerability VCID-az3x-2atn-pqh4
15
vulnerability VCID-bxh1-y9mk-3ygg
16
vulnerability VCID-ce2x-ehyk-nufk
17
vulnerability VCID-cubj-wrbp-1qbu
18
vulnerability VCID-e6kv-phwy-vfef
19
vulnerability VCID-e8qc-mktf-gyam
20
vulnerability VCID-gafc-bb59-9yhb
21
vulnerability VCID-h4tm-9wqz-1qge
22
vulnerability VCID-hgv6-czxs-cfbc
23
vulnerability VCID-j5th-837s-fkft
24
vulnerability VCID-jbea-m4ak-tqd7
25
vulnerability VCID-jyxg-h3a9-8ygv
26
vulnerability VCID-k1gu-khda-jyeb
27
vulnerability VCID-kapu-yvhn-ybhw
28
vulnerability VCID-mbpz-g2vs-tqc1
29
vulnerability VCID-neby-tsrt-ryg5
30
vulnerability VCID-nehw-r7zm-j7bb
31
vulnerability VCID-p4xa-ks7v-wbay
32
vulnerability VCID-qgqk-f1g2-7fbz
33
vulnerability VCID-reer-fk1f-tkbj
34
vulnerability VCID-saff-gz5j-8kex
35
vulnerability VCID-v43a-k2bg-wkbz
36
vulnerability VCID-w2qv-hbsf-xyfh
37
vulnerability VCID-xccs-pwhb-nuce
38
vulnerability VCID-znn9-qud3-wqat
39
vulnerability VCID-zter-3e3b-7yfb
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2015.8.2
4
url pkg:pypi/salt@2015.8.3
purl pkg:pypi/salt@2015.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ds7-ga65-r3b6
1
vulnerability VCID-2h9s-fgnc-1qeg
2
vulnerability VCID-3xs9-ym4e-fyag
3
vulnerability VCID-47u4-vdsp-c3ct
4
vulnerability VCID-48tt-fe7z-ybfb
5
vulnerability VCID-58p2-6c4u-tybp
6
vulnerability VCID-5hr1-5aec-43h3
7
vulnerability VCID-65p4-5x86-y3fj
8
vulnerability VCID-6cfw-9xe8-43d6
9
vulnerability VCID-7mam-gwcp-8kdm
10
vulnerability VCID-8ghn-kbm9-sfas
11
vulnerability VCID-8mpz-ke16-fbej
12
vulnerability VCID-a8kw-uehx-xfg5
13
vulnerability VCID-ac31-t3u6-cfap
14
vulnerability VCID-bxh1-y9mk-3ygg
15
vulnerability VCID-ce2x-ehyk-nufk
16
vulnerability VCID-cubj-wrbp-1qbu
17
vulnerability VCID-e6kv-phwy-vfef
18
vulnerability VCID-e8qc-mktf-gyam
19
vulnerability VCID-gafc-bb59-9yhb
20
vulnerability VCID-h4tm-9wqz-1qge
21
vulnerability VCID-hgv6-czxs-cfbc
22
vulnerability VCID-j5th-837s-fkft
23
vulnerability VCID-jbea-m4ak-tqd7
24
vulnerability VCID-jyxg-h3a9-8ygv
25
vulnerability VCID-k1gu-khda-jyeb
26
vulnerability VCID-kapu-yvhn-ybhw
27
vulnerability VCID-mbpz-g2vs-tqc1
28
vulnerability VCID-neby-tsrt-ryg5
29
vulnerability VCID-nehw-r7zm-j7bb
30
vulnerability VCID-p4xa-ks7v-wbay
31
vulnerability VCID-qgqk-f1g2-7fbz
32
vulnerability VCID-reer-fk1f-tkbj
33
vulnerability VCID-saff-gz5j-8kex
34
vulnerability VCID-v43a-k2bg-wkbz
35
vulnerability VCID-w2qv-hbsf-xyfh
36
vulnerability VCID-xccs-pwhb-nuce
37
vulnerability VCID-znn9-qud3-wqat
38
vulnerability VCID-zter-3e3b-7yfb
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2015.8.3
References
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-03/msg00034.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-03/msg00034.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1866.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1866.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1866
reference_id
reference_type
scores
0
value 0.00628
scoring_system epss
scoring_elements 0.70622
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1866
3
reference_url https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2016-23.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2016-23.yaml
5
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1305460
reference_id 1305460
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1305460
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1866
reference_id CVE-2016-1866
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1866
8
reference_url https://github.com/advisories/GHSA-vqh4-crjf-jjxx
reference_id GHSA-vqh4-crjf-jjxx
reference_type
scores
url https://github.com/advisories/GHSA-vqh4-crjf-jjxx
Weaknesses
0
cwe_id 284
name Improper Access Control
description The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ac31-t3u6-cfap