Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-5yz3-8ygc-eydj
SummaryLadon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is affected by: XML External Entity (XXE). The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance: https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688. The attack vector is: Send a specially crafted SOAP call.
Aliases
0
alias CVE-2019-1010268
1
alias GHSA-vg35-vc9f-q7x2
2
alias PYSEC-2019-184
Fixed_packages
0
url pkg:pypi/ladon@1.0.0
purl pkg:pypi/ladon@1.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@1.0.0
Affected_packages
0
url pkg:pypi/ladon@0.8.2
purl pkg:pypi/ladon@0.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.2
1
url pkg:pypi/ladon@0.8.3
purl pkg:pypi/ladon@0.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.3
2
url pkg:pypi/ladon@0.8.4
purl pkg:pypi/ladon@0.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.4
3
url pkg:pypi/ladon@0.8.5
purl pkg:pypi/ladon@0.8.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.5
4
url pkg:pypi/ladon@0.8.6
purl pkg:pypi/ladon@0.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.6
5
url pkg:pypi/ladon@0.8.7
purl pkg:pypi/ladon@0.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.7
6
url pkg:pypi/ladon@0.8.8
purl pkg:pypi/ladon@0.8.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.8
7
url pkg:pypi/ladon@0.8.9
purl pkg:pypi/ladon@0.8.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.9
8
url pkg:pypi/ladon@0.9.0
purl pkg:pypi/ladon@0.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.0
9
url pkg:pypi/ladon@0.9.1
purl pkg:pypi/ladon@0.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.1
10
url pkg:pypi/ladon@0.9.3
purl pkg:pypi/ladon@0.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.3
11
url pkg:pypi/ladon@0.9.8
purl pkg:pypi/ladon@0.9.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.8
12
url pkg:pypi/ladon@0.9.9
purl pkg:pypi/ladon@0.9.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.9
13
url pkg:pypi/ladon@0.9.10
purl pkg:pypi/ladon@0.9.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.10
14
url pkg:pypi/ladon@0.9.11
purl pkg:pypi/ladon@0.9.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.11
15
url pkg:pypi/ladon@0.9.12
purl pkg:pypi/ladon@0.9.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.12
16
url pkg:pypi/ladon@0.9.13
purl pkg:pypi/ladon@0.9.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.13
17
url pkg:pypi/ladon@0.9.15
purl pkg:pypi/ladon@0.9.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.15
18
url pkg:pypi/ladon@0.9.16
purl pkg:pypi/ladon@0.9.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.16
19
url pkg:pypi/ladon@0.9.17
purl pkg:pypi/ladon@0.9.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.17
20
url pkg:pypi/ladon@0.9.18
purl pkg:pypi/ladon@0.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.18
21
url pkg:pypi/ladon@0.9.19
purl pkg:pypi/ladon@0.9.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.19
22
url pkg:pypi/ladon@0.9.20
purl pkg:pypi/ladon@0.9.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.20
23
url pkg:pypi/ladon@0.9.21
purl pkg:pypi/ladon@0.9.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.21
24
url pkg:pypi/ladon@0.9.22
purl pkg:pypi/ladon@0.9.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.22
25
url pkg:pypi/ladon@0.9.23
purl pkg:pypi/ladon@0.9.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.23
26
url pkg:pypi/ladon@0.9.24
purl pkg:pypi/ladon@0.9.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.24
27
url pkg:pypi/ladon@0.9.26
purl pkg:pypi/ladon@0.9.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.26
28
url pkg:pypi/ladon@0.9.27
purl pkg:pypi/ladon@0.9.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.27
29
url pkg:pypi/ladon@0.9.28
purl pkg:pypi/ladon@0.9.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.28
30
url pkg:pypi/ladon@0.9.29
purl pkg:pypi/ladon@0.9.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.29
31
url pkg:pypi/ladon@0.9.30
purl pkg:pypi/ladon@0.9.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.30
32
url pkg:pypi/ladon@0.9.31
purl pkg:pypi/ladon@0.9.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.31
33
url pkg:pypi/ladon@0.9.32
purl pkg:pypi/ladon@0.9.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.32
34
url pkg:pypi/ladon@0.9.33
purl pkg:pypi/ladon@0.9.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.33
35
url pkg:pypi/ladon@0.9.34
purl pkg:pypi/ladon@0.9.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.34
36
url pkg:pypi/ladon@0.9.35
purl pkg:pypi/ladon@0.9.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.35
37
url pkg:pypi/ladon@0.9.36
purl pkg:pypi/ladon@0.9.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.36
38
url pkg:pypi/ladon@0.9.37
purl pkg:pypi/ladon@0.9.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.37
39
url pkg:pypi/ladon@0.9.38
purl pkg:pypi/ladon@0.9.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.38
40
url pkg:pypi/ladon@0.9.39
purl pkg:pypi/ladon@0.9.39
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.39
41
url pkg:pypi/ladon@0.9.40
purl pkg:pypi/ladon@0.9.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5yz3-8ygc-eydj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.40
References
0
reference_url https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688
reference_id
reference_type
scores
url https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688
1
reference_url https://github.com/advisories/GHSA-vg35-vc9f-q7x2
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-vg35-vc9f-q7x2
2
reference_url https://www.exploit-db.com/exploits/43113
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/43113
Weaknesses
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-5yz3-8ygc-eydj