Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-kzys-kvs5-wqgv

Summary CairoSVG is a Python (pypi) package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service (REDoS) vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regular Expression Denial of Service (REDoS). If an attacker provides a malicious SVG, it can make cairosvg get stuck processing the file for a very long time. This is fixed in version 2.5.1. See Referenced GitHub advisory for more information.

Aliases

alias	CVE-2021-21236

alias	GHSA-hq37-853p-g5cf

alias	PYSEC-2021-5

Fixed_packages

url pkg:pypi/cairosvg@2.5.1

purl pkg:pypi/cairosvg@2.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.5.1

Affected_packages

url pkg:pypi/cairosvg@0.1

purl pkg:pypi/cairosvg@0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.1

url pkg:pypi/cairosvg@0.1.1

purl pkg:pypi/cairosvg@0.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.1.1

url pkg:pypi/cairosvg@0.1.2

purl pkg:pypi/cairosvg@0.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.1.2

url pkg:pypi/cairosvg@0.2

purl pkg:pypi/cairosvg@0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.2

url pkg:pypi/cairosvg@0.3

purl pkg:pypi/cairosvg@0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.3

url pkg:pypi/cairosvg@0.3.1

purl pkg:pypi/cairosvg@0.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.3.1

url pkg:pypi/cairosvg@0.4

purl pkg:pypi/cairosvg@0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.4

url pkg:pypi/cairosvg@0.4.1

purl pkg:pypi/cairosvg@0.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.4.1

url pkg:pypi/cairosvg@0.4.2

purl pkg:pypi/cairosvg@0.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.4.2

url pkg:pypi/cairosvg@0.4.3

purl pkg:pypi/cairosvg@0.4.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.4.3

url pkg:pypi/cairosvg@0.4.4

purl pkg:pypi/cairosvg@0.4.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.4.4

url pkg:pypi/cairosvg@0.5

purl pkg:pypi/cairosvg@0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.5

url pkg:pypi/cairosvg@1.0

purl pkg:pypi/cairosvg@1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0

url pkg:pypi/cairosvg@1.0.1

purl pkg:pypi/cairosvg@1.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.1

url pkg:pypi/cairosvg@1.0.2

purl pkg:pypi/cairosvg@1.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.2

url pkg:pypi/cairosvg@1.0.3

purl pkg:pypi/cairosvg@1.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.3

url pkg:pypi/cairosvg@1.0.4

purl pkg:pypi/cairosvg@1.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.4

url pkg:pypi/cairosvg@1.0.5

purl pkg:pypi/cairosvg@1.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.5

url pkg:pypi/cairosvg@1.0.6

purl pkg:pypi/cairosvg@1.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.6

url pkg:pypi/cairosvg@1.0.7

purl pkg:pypi/cairosvg@1.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.7

url pkg:pypi/cairosvg@1.0.8

purl pkg:pypi/cairosvg@1.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.8

url pkg:pypi/cairosvg@1.0.9

purl pkg:pypi/cairosvg@1.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.9

url pkg:pypi/cairosvg@1.0.10

purl pkg:pypi/cairosvg@1.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.10

url pkg:pypi/cairosvg@1.0.11

purl pkg:pypi/cairosvg@1.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.11

url pkg:pypi/cairosvg@1.0.12

purl pkg:pypi/cairosvg@1.0.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.12

url pkg:pypi/cairosvg@1.0.13

purl pkg:pypi/cairosvg@1.0.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.13

url pkg:pypi/cairosvg@1.0.14

purl pkg:pypi/cairosvg@1.0.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.14

url pkg:pypi/cairosvg@1.0.15

purl pkg:pypi/cairosvg@1.0.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.15

url pkg:pypi/cairosvg@1.0.16

purl pkg:pypi/cairosvg@1.0.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.16

url pkg:pypi/cairosvg@1.0.17

purl pkg:pypi/cairosvg@1.0.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.17

url pkg:pypi/cairosvg@1.0.18

purl pkg:pypi/cairosvg@1.0.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.18

url pkg:pypi/cairosvg@1.0.19

purl pkg:pypi/cairosvg@1.0.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.19

url pkg:pypi/cairosvg@1.0.20

purl pkg:pypi/cairosvg@1.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.20

url pkg:pypi/cairosvg@1.0.21

purl pkg:pypi/cairosvg@1.0.21

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.21

url pkg:pypi/cairosvg@1.0.22

purl pkg:pypi/cairosvg@1.0.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.22

url pkg:pypi/cairosvg@2.0.0rc1

purl pkg:pypi/cairosvg@2.0.0rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc1

url pkg:pypi/cairosvg@2.0.0rc2

purl pkg:pypi/cairosvg@2.0.0rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc2

url pkg:pypi/cairosvg@2.0.0rc3

purl pkg:pypi/cairosvg@2.0.0rc3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc3

url pkg:pypi/cairosvg@2.0.0rc4

purl pkg:pypi/cairosvg@2.0.0rc4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc4

url pkg:pypi/cairosvg@2.0.0rc5

purl pkg:pypi/cairosvg@2.0.0rc5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc5

url pkg:pypi/cairosvg@2.0.0rc6

purl pkg:pypi/cairosvg@2.0.0rc6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc6

url pkg:pypi/cairosvg@2.0.0

purl pkg:pypi/cairosvg@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0

url pkg:pypi/cairosvg@2.0.1

purl pkg:pypi/cairosvg@2.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.1

url pkg:pypi/cairosvg@2.0.2

purl pkg:pypi/cairosvg@2.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.2

url pkg:pypi/cairosvg@2.0.3

purl pkg:pypi/cairosvg@2.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.3

url pkg:pypi/cairosvg@2.1.0

purl pkg:pypi/cairosvg@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.1.0

url pkg:pypi/cairosvg@2.1.1

purl pkg:pypi/cairosvg@2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.1.1

url pkg:pypi/cairosvg@2.1.2

purl pkg:pypi/cairosvg@2.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.1.2

url pkg:pypi/cairosvg@2.1.3

purl pkg:pypi/cairosvg@2.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.1.3

url pkg:pypi/cairosvg@2.2.0

purl pkg:pypi/cairosvg@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.2.0

url pkg:pypi/cairosvg@2.2.1

purl pkg:pypi/cairosvg@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.2.1

url pkg:pypi/cairosvg@2.3.0

purl pkg:pypi/cairosvg@2.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.3.0

url pkg:pypi/cairosvg@2.3.1

purl pkg:pypi/cairosvg@2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.3.1

url pkg:pypi/cairosvg@2.4.0

purl pkg:pypi/cairosvg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.4.0

url pkg:pypi/cairosvg@2.4.1

purl pkg:pypi/cairosvg@2.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.4.1

url pkg:pypi/cairosvg@2.4.2

purl pkg:pypi/cairosvg@2.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.4.2

url pkg:pypi/cairosvg@2.5.0

purl pkg:pypi/cairosvg@2.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4rp7-t37q-kff1

vulnerability	VCID-kzys-kvs5-wqgv

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.5.0

References

reference_url	https://github.com/Kozea/CairoSVG/commit/cfc9175e590531d90384aa88845052de53d94bf3
reference_id
reference_type
scores
url	https://github.com/Kozea/CairoSVG/commit/cfc9175e590531d90384aa88845052de53d94bf3

reference_url	https://github.com/Kozea/CairoSVG/releases/tag/2.5.1
reference_id
reference_type
scores
url	https://github.com/Kozea/CairoSVG/releases/tag/2.5.1

reference_url	https://github.com/Kozea/CairoSVG/security/advisories/GHSA-hq37-853p-g5cf
reference_id
reference_type
scores
url	https://github.com/Kozea/CairoSVG/security/advisories/GHSA-hq37-853p-g5cf

reference_url	https://pypi.org/project/CairoSVG/
reference_id
reference_type
scores
url	https://pypi.org/project/CairoSVG/

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzys-kvs5-wqgv

Vulnerability Instance