Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/35379?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35379?format=api", "vulnerability_id": "VCID-5yz3-8ygc-eydj", "summary": "Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is affected by: XML External Entity (XXE). The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance: https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688. The attack vector is: Send a specially crafted SOAP call.", "aliases": [ { "alias": "CVE-2019-1010268" }, { "alias": "GHSA-vg35-vc9f-q7x2" }, { "alias": "PYSEC-2019-184" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/13771?format=api", "purl": "pkg:pypi/ladon@1.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@1.0.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/13729?format=api", "purl": "pkg:pypi/ladon@0.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/13730?format=api", "purl": "pkg:pypi/ladon@0.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/13731?format=api", "purl": "pkg:pypi/ladon@0.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/13732?format=api", "purl": "pkg:pypi/ladon@0.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/13733?format=api", "purl": "pkg:pypi/ladon@0.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/13734?format=api", "purl": "pkg:pypi/ladon@0.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/13735?format=api", "purl": "pkg:pypi/ladon@0.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/13736?format=api", "purl": "pkg:pypi/ladon@0.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/13737?format=api", "purl": "pkg:pypi/ladon@0.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/13738?format=api", "purl": "pkg:pypi/ladon@0.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/13739?format=api", "purl": "pkg:pypi/ladon@0.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/13740?format=api", "purl": "pkg:pypi/ladon@0.9.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/13741?format=api", "purl": "pkg:pypi/ladon@0.9.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/13742?format=api", "purl": "pkg:pypi/ladon@0.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/13743?format=api", "purl": "pkg:pypi/ladon@0.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/13744?format=api", "purl": "pkg:pypi/ladon@0.9.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/13745?format=api", "purl": "pkg:pypi/ladon@0.9.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/13746?format=api", "purl": "pkg:pypi/ladon@0.9.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/13747?format=api", "purl": "pkg:pypi/ladon@0.9.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/13748?format=api", "purl": "pkg:pypi/ladon@0.9.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/13749?format=api", "purl": "pkg:pypi/ladon@0.9.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/13750?format=api", "purl": "pkg:pypi/ladon@0.9.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/13751?format=api", "purl": "pkg:pypi/ladon@0.9.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/13752?format=api", "purl": "pkg:pypi/ladon@0.9.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/13753?format=api", "purl": "pkg:pypi/ladon@0.9.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/13754?format=api", "purl": "pkg:pypi/ladon@0.9.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/13755?format=api", "purl": "pkg:pypi/ladon@0.9.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/13756?format=api", "purl": "pkg:pypi/ladon@0.9.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.26" }, { "url": "http://public2.vulnerablecode.io/api/packages/13757?format=api", "purl": "pkg:pypi/ladon@0.9.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/13758?format=api", "purl": "pkg:pypi/ladon@0.9.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/13759?format=api", "purl": "pkg:pypi/ladon@0.9.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/13760?format=api", "purl": "pkg:pypi/ladon@0.9.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/13761?format=api", "purl": "pkg:pypi/ladon@0.9.31", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.31" }, { "url": "http://public2.vulnerablecode.io/api/packages/13762?format=api", "purl": "pkg:pypi/ladon@0.9.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/13763?format=api", "purl": "pkg:pypi/ladon@0.9.33", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.33" }, { "url": "http://public2.vulnerablecode.io/api/packages/13764?format=api", "purl": "pkg:pypi/ladon@0.9.34", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.34" }, { "url": "http://public2.vulnerablecode.io/api/packages/13765?format=api", "purl": "pkg:pypi/ladon@0.9.35", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.35" }, { "url": "http://public2.vulnerablecode.io/api/packages/13766?format=api", "purl": "pkg:pypi/ladon@0.9.36", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.36" }, { "url": "http://public2.vulnerablecode.io/api/packages/13767?format=api", "purl": "pkg:pypi/ladon@0.9.37", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.37" }, { "url": "http://public2.vulnerablecode.io/api/packages/13768?format=api", "purl": "pkg:pypi/ladon@0.9.38", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.38" }, { "url": "http://public2.vulnerablecode.io/api/packages/13769?format=api", "purl": "pkg:pypi/ladon@0.9.39", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.39" }, { "url": "http://public2.vulnerablecode.io/api/packages/13770?format=api", "purl": "pkg:pypi/ladon@0.9.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5yz3-8ygc-eydj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/ladon@0.9.40" } ], "references": [ { "reference_url": "https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688" }, { "reference_url": "https://github.com/advisories/GHSA-vg35-vc9f-q7x2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vg35-vc9f-q7x2" }, { "reference_url": "https://www.exploit-db.com/exploits/43113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43113" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5yz3-8ygc-eydj" }