Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-pm6p-9arz-7ygs
SummaryA flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in the module documentation.
Aliases
0
alias CVE-2017-7550
1
alias PYSEC-2017-4
Fixed_packages
0
url pkg:pypi/ansible@2.3.3.0
purl pkg:pypi/ansible@2.3.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sty-hqbq-63hy
1
vulnerability VCID-2z4k-r21v-rfgx
2
vulnerability VCID-7qnx-1gp2-v7bb
3
vulnerability VCID-833d-up6b-rfe1
4
vulnerability VCID-8u2v-jtqe-dqg3
5
vulnerability VCID-am9g-ba4h-sfhr
6
vulnerability VCID-cuq1-se5h-vygd
7
vulnerability VCID-cxts-25nq-4fcs
8
vulnerability VCID-dkds-s3ad-cufa
9
vulnerability VCID-gm99-68bj-c3cz
10
vulnerability VCID-gxw4-ydnj-fkfe
11
vulnerability VCID-hjc4-jcfm-7be5
12
vulnerability VCID-hpqa-ysnc-b7dw
13
vulnerability VCID-hq4d-92s2-vqg6
14
vulnerability VCID-k8a2-5yfh-j7gp
15
vulnerability VCID-mbj9-3bnb-wbda
16
vulnerability VCID-p4p5-29r5-8qh9
17
vulnerability VCID-pqj1-u787-g3aj
18
vulnerability VCID-subj-aje2-93bk
19
vulnerability VCID-utrp-hfpb-tygj
20
vulnerability VCID-vhxq-1hqq-77bx
21
vulnerability VCID-vsv2-4d8c-m3g1
22
vulnerability VCID-x4mr-vrp9-ufg6
23
vulnerability VCID-ykkx-swgs-vybn
24
vulnerability VCID-yre5-mmmj-q3bn
25
vulnerability VCID-zwrg-9mrq-effd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.3.3.0
1
url pkg:pypi/ansible@2.4.1.0
purl pkg:pypi/ansible@2.4.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sty-hqbq-63hy
1
vulnerability VCID-2z4k-r21v-rfgx
2
vulnerability VCID-5cgu-g45y-q3cj
3
vulnerability VCID-7qnx-1gp2-v7bb
4
vulnerability VCID-833d-up6b-rfe1
5
vulnerability VCID-8u2v-jtqe-dqg3
6
vulnerability VCID-am9g-ba4h-sfhr
7
vulnerability VCID-cuq1-se5h-vygd
8
vulnerability VCID-cxts-25nq-4fcs
9
vulnerability VCID-dkds-s3ad-cufa
10
vulnerability VCID-gm99-68bj-c3cz
11
vulnerability VCID-gxw4-ydnj-fkfe
12
vulnerability VCID-hjc4-jcfm-7be5
13
vulnerability VCID-hpqa-ysnc-b7dw
14
vulnerability VCID-hq4d-92s2-vqg6
15
vulnerability VCID-k8a2-5yfh-j7gp
16
vulnerability VCID-mbj9-3bnb-wbda
17
vulnerability VCID-p4p5-29r5-8qh9
18
vulnerability VCID-pqj1-u787-g3aj
19
vulnerability VCID-subj-aje2-93bk
20
vulnerability VCID-vhxq-1hqq-77bx
21
vulnerability VCID-vsv2-4d8c-m3g1
22
vulnerability VCID-x4mr-vrp9-ufg6
23
vulnerability VCID-x99c-b7ve-hkdj
24
vulnerability VCID-ykkx-swgs-vybn
25
vulnerability VCID-yre5-mmmj-q3bn
26
vulnerability VCID-zwrg-9mrq-effd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.4.1.0
Affected_packages
0
url pkg:pypi/ansible@2.3.0
purl pkg:pypi/ansible@2.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pm6p-9arz-7ygs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.3.0
1
url pkg:pypi/ansible@2.3.0.0
purl pkg:pypi/ansible@2.3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sty-hqbq-63hy
1
vulnerability VCID-2z4k-r21v-rfgx
2
vulnerability VCID-7qnx-1gp2-v7bb
3
vulnerability VCID-833d-up6b-rfe1
4
vulnerability VCID-8u2v-jtqe-dqg3
5
vulnerability VCID-am9g-ba4h-sfhr
6
vulnerability VCID-cuq1-se5h-vygd
7
vulnerability VCID-cxts-25nq-4fcs
8
vulnerability VCID-dkds-s3ad-cufa
9
vulnerability VCID-gm99-68bj-c3cz
10
vulnerability VCID-gxw4-ydnj-fkfe
11
vulnerability VCID-hjc4-jcfm-7be5
12
vulnerability VCID-hpqa-ysnc-b7dw
13
vulnerability VCID-hq4d-92s2-vqg6
14
vulnerability VCID-k8a2-5yfh-j7gp
15
vulnerability VCID-mbj9-3bnb-wbda
16
vulnerability VCID-p4p5-29r5-8qh9
17
vulnerability VCID-pm6p-9arz-7ygs
18
vulnerability VCID-pqj1-u787-g3aj
19
vulnerability VCID-subj-aje2-93bk
20
vulnerability VCID-utrp-hfpb-tygj
21
vulnerability VCID-vhxq-1hqq-77bx
22
vulnerability VCID-vsv2-4d8c-m3g1
23
vulnerability VCID-x4mr-vrp9-ufg6
24
vulnerability VCID-ykkx-swgs-vybn
25
vulnerability VCID-yre5-mmmj-q3bn
26
vulnerability VCID-zwrg-9mrq-effd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.3.0.0
2
url pkg:pypi/ansible@2.3.1.0
purl pkg:pypi/ansible@2.3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sty-hqbq-63hy
1
vulnerability VCID-2z4k-r21v-rfgx
2
vulnerability VCID-7qnx-1gp2-v7bb
3
vulnerability VCID-833d-up6b-rfe1
4
vulnerability VCID-8u2v-jtqe-dqg3
5
vulnerability VCID-am9g-ba4h-sfhr
6
vulnerability VCID-cuq1-se5h-vygd
7
vulnerability VCID-cxts-25nq-4fcs
8
vulnerability VCID-dkds-s3ad-cufa
9
vulnerability VCID-gm99-68bj-c3cz
10
vulnerability VCID-gxw4-ydnj-fkfe
11
vulnerability VCID-hjc4-jcfm-7be5
12
vulnerability VCID-hpqa-ysnc-b7dw
13
vulnerability VCID-hq4d-92s2-vqg6
14
vulnerability VCID-k8a2-5yfh-j7gp
15
vulnerability VCID-mbj9-3bnb-wbda
16
vulnerability VCID-p4p5-29r5-8qh9
17
vulnerability VCID-pm6p-9arz-7ygs
18
vulnerability VCID-pqj1-u787-g3aj
19
vulnerability VCID-subj-aje2-93bk
20
vulnerability VCID-vhxq-1hqq-77bx
21
vulnerability VCID-vsv2-4d8c-m3g1
22
vulnerability VCID-x4mr-vrp9-ufg6
23
vulnerability VCID-ykkx-swgs-vybn
24
vulnerability VCID-yre5-mmmj-q3bn
25
vulnerability VCID-zwrg-9mrq-effd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.3.1.0
3
url pkg:pypi/ansible@2.3.2.0
purl pkg:pypi/ansible@2.3.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sty-hqbq-63hy
1
vulnerability VCID-2z4k-r21v-rfgx
2
vulnerability VCID-7qnx-1gp2-v7bb
3
vulnerability VCID-833d-up6b-rfe1
4
vulnerability VCID-8u2v-jtqe-dqg3
5
vulnerability VCID-am9g-ba4h-sfhr
6
vulnerability VCID-cuq1-se5h-vygd
7
vulnerability VCID-cxts-25nq-4fcs
8
vulnerability VCID-dkds-s3ad-cufa
9
vulnerability VCID-gm99-68bj-c3cz
10
vulnerability VCID-gxw4-ydnj-fkfe
11
vulnerability VCID-hjc4-jcfm-7be5
12
vulnerability VCID-hpqa-ysnc-b7dw
13
vulnerability VCID-hq4d-92s2-vqg6
14
vulnerability VCID-k8a2-5yfh-j7gp
15
vulnerability VCID-mbj9-3bnb-wbda
16
vulnerability VCID-p4p5-29r5-8qh9
17
vulnerability VCID-pm6p-9arz-7ygs
18
vulnerability VCID-pqj1-u787-g3aj
19
vulnerability VCID-subj-aje2-93bk
20
vulnerability VCID-utrp-hfpb-tygj
21
vulnerability VCID-vhxq-1hqq-77bx
22
vulnerability VCID-vsv2-4d8c-m3g1
23
vulnerability VCID-x4mr-vrp9-ufg6
24
vulnerability VCID-ykkx-swgs-vybn
25
vulnerability VCID-yre5-mmmj-q3bn
26
vulnerability VCID-zwrg-9mrq-effd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.3.2.0
4
url pkg:pypi/ansible@2.4.0
purl pkg:pypi/ansible@2.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pm6p-9arz-7ygs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.4.0
5
url pkg:pypi/ansible@2.4.0.0
purl pkg:pypi/ansible@2.4.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sty-hqbq-63hy
1
vulnerability VCID-2z4k-r21v-rfgx
2
vulnerability VCID-5cgu-g45y-q3cj
3
vulnerability VCID-7qnx-1gp2-v7bb
4
vulnerability VCID-833d-up6b-rfe1
5
vulnerability VCID-8u2v-jtqe-dqg3
6
vulnerability VCID-am9g-ba4h-sfhr
7
vulnerability VCID-cuq1-se5h-vygd
8
vulnerability VCID-cxts-25nq-4fcs
9
vulnerability VCID-dkds-s3ad-cufa
10
vulnerability VCID-gm99-68bj-c3cz
11
vulnerability VCID-gxw4-ydnj-fkfe
12
vulnerability VCID-hjc4-jcfm-7be5
13
vulnerability VCID-hpqa-ysnc-b7dw
14
vulnerability VCID-hq4d-92s2-vqg6
15
vulnerability VCID-k8a2-5yfh-j7gp
16
vulnerability VCID-mbj9-3bnb-wbda
17
vulnerability VCID-p4p5-29r5-8qh9
18
vulnerability VCID-pm6p-9arz-7ygs
19
vulnerability VCID-pqj1-u787-g3aj
20
vulnerability VCID-subj-aje2-93bk
21
vulnerability VCID-vhxq-1hqq-77bx
22
vulnerability VCID-vsv2-4d8c-m3g1
23
vulnerability VCID-x4mr-vrp9-ufg6
24
vulnerability VCID-x99c-b7ve-hkdj
25
vulnerability VCID-ykkx-swgs-vybn
26
vulnerability VCID-yre5-mmmj-q3bn
27
vulnerability VCID-zwrg-9mrq-effd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.4.0.0
References
0
reference_url https://access.redhat.com/errata/RHSA-2017:2966
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2966
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1473645
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1473645
2
reference_url https://github.com/ansible/ansible/issues/30874
reference_id
reference_type
scores
url https://github.com/ansible/ansible/issues/30874
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7550
reference_id CVE-2017-7550
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-7550
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 532
name Insertion of Sensitive Information into Log File
description Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-pm6p-9arz-7ygs