Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/35877?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35877?format=api", "vulnerability_id": "VCID-mff6-1k8j-jbhp", "summary": "ESPHome is a system to control the ESP8266/ESP32. Anyone with web_server enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which `web_server` allows over-the-air (OTA) updates without checking user defined basic auth username & password. This issue is patched in version 2021.9.2. As a workaround, one may disable or remove `web_server`.", "aliases": [ { "alias": "CVE-2021-41104" }, { "alias": "GHSA-48mj-p7x2-5jfm" }, { "alias": "PYSEC-2021-351" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23736?format=api", "purl": "pkg:pypi/esphome@2021.9.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.9.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/esphome@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23634?format=api", "purl": "pkg:pypi/esphome@1.11.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.11.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23635?format=api", "purl": "pkg:pypi/esphome@1.11.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.11.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/esphome@1.11.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.11.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23637?format=api", "purl": "pkg:pypi/esphome@1.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23638?format=api", "purl": "pkg:pypi/esphome@1.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23639?format=api", "purl": "pkg:pypi/esphome@1.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.11.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23640?format=api", "purl": "pkg:pypi/esphome@1.12.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.12.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23641?format=api", "purl": "pkg:pypi/esphome@1.12.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.12.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23642?format=api", "purl": "pkg:pypi/esphome@1.12.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.12.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23643?format=api", "purl": "pkg:pypi/esphome@1.12.0b4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.12.0b4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23644?format=api", "purl": "pkg:pypi/esphome@1.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23645?format=api", "purl": "pkg:pypi/esphome@1.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23646?format=api", "purl": "pkg:pypi/esphome@1.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.12.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23647?format=api", "purl": "pkg:pypi/esphome@1.13.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23648?format=api", "purl": "pkg:pypi/esphome@1.13.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23649?format=api", "purl": "pkg:pypi/esphome@1.13.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23650?format=api", "purl": "pkg:pypi/esphome@1.13.0b4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.0b4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23651?format=api", "purl": "pkg:pypi/esphome@1.13.0b5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.0b5" }, { "url": "http://public2.vulnerablecode.io/api/packages/23652?format=api", "purl": "pkg:pypi/esphome@1.13.0b6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.0b6" }, { "url": "http://public2.vulnerablecode.io/api/packages/23653?format=api", "purl": "pkg:pypi/esphome@1.13.0b7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.0b7" }, { "url": "http://public2.vulnerablecode.io/api/packages/23654?format=api", "purl": "pkg:pypi/esphome@1.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23655?format=api", "purl": "pkg:pypi/esphome@1.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23656?format=api", "purl": "pkg:pypi/esphome@1.13.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23657?format=api", "purl": "pkg:pypi/esphome@1.13.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23658?format=api", "purl": "pkg:pypi/esphome@1.13.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23659?format=api", "purl": "pkg:pypi/esphome@1.13.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/23660?format=api", "purl": "pkg:pypi/esphome@1.13.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.13.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/23661?format=api", "purl": "pkg:pypi/esphome@1.14.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23662?format=api", "purl": "pkg:pypi/esphome@1.14.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23663?format=api", "purl": "pkg:pypi/esphome@1.14.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23664?format=api", "purl": "pkg:pypi/esphome@1.14.0b4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.0b4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23665?format=api", "purl": "pkg:pypi/esphome@1.14.0b5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.0b5" }, { "url": "http://public2.vulnerablecode.io/api/packages/23666?format=api", "purl": "pkg:pypi/esphome@1.14.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23667?format=api", "purl": "pkg:pypi/esphome@1.14.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23668?format=api", "purl": "pkg:pypi/esphome@1.14.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23669?format=api", "purl": "pkg:pypi/esphome@1.14.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23670?format=api", "purl": "pkg:pypi/esphome@1.14.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23671?format=api", "purl": "pkg:pypi/esphome@1.14.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.14.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/23672?format=api", "purl": "pkg:pypi/esphome@1.15.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.15.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23673?format=api", "purl": "pkg:pypi/esphome@1.15.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.15.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23674?format=api", "purl": "pkg:pypi/esphome@1.15.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.15.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23675?format=api", "purl": "pkg:pypi/esphome@1.15.0b4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.15.0b4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23676?format=api", "purl": "pkg:pypi/esphome@1.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.15.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23677?format=api", "purl": "pkg:pypi/esphome@1.15.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.15.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23678?format=api", "purl": "pkg:pypi/esphome@1.15.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.15.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23679?format=api", "purl": "pkg:pypi/esphome@1.15.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.15.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23680?format=api", "purl": "pkg:pypi/esphome@1.16.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23681?format=api", "purl": "pkg:pypi/esphome@1.16.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23682?format=api", "purl": "pkg:pypi/esphome@1.16.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23683?format=api", "purl": "pkg:pypi/esphome@1.16.0b4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.0b4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23684?format=api", "purl": "pkg:pypi/esphome@1.16.0b5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.0b5" }, { "url": "http://public2.vulnerablecode.io/api/packages/23685?format=api", "purl": "pkg:pypi/esphome@1.16.0b6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.0b6" }, { "url": "http://public2.vulnerablecode.io/api/packages/23686?format=api", "purl": "pkg:pypi/esphome@1.16.0b7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.0b7" }, { "url": "http://public2.vulnerablecode.io/api/packages/23687?format=api", "purl": "pkg:pypi/esphome@1.16.0b8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.0b8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23688?format=api", "purl": "pkg:pypi/esphome@1.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23689?format=api", "purl": "pkg:pypi/esphome@1.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23690?format=api", "purl": "pkg:pypi/esphome@1.16.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.16.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23691?format=api", "purl": "pkg:pypi/esphome@1.17.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.17.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23692?format=api", "purl": "pkg:pypi/esphome@1.17.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.17.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23693?format=api", "purl": "pkg:pypi/esphome@1.17.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.17.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23694?format=api", "purl": "pkg:pypi/esphome@1.17.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.17.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23695?format=api", "purl": "pkg:pypi/esphome@1.18.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.18.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23696?format=api", "purl": "pkg:pypi/esphome@1.18.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.18.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23697?format=api", "purl": "pkg:pypi/esphome@1.18.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.18.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23698?format=api", "purl": "pkg:pypi/esphome@1.18.0b4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.18.0b4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23699?format=api", "purl": "pkg:pypi/esphome@1.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.18.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23700?format=api", "purl": "pkg:pypi/esphome@1.19.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23701?format=api", "purl": "pkg:pypi/esphome@1.19.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23702?format=api", "purl": "pkg:pypi/esphome@1.19.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23703?format=api", "purl": "pkg:pypi/esphome@1.19.0b4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.0b4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23704?format=api", "purl": "pkg:pypi/esphome@1.19.0b5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.0b5" }, { "url": "http://public2.vulnerablecode.io/api/packages/23705?format=api", "purl": "pkg:pypi/esphome@1.19.0b6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.0b6" }, { "url": "http://public2.vulnerablecode.io/api/packages/23706?format=api", "purl": "pkg:pypi/esphome@1.19.0b7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.0b7" }, { "url": "http://public2.vulnerablecode.io/api/packages/23707?format=api", "purl": "pkg:pypi/esphome@1.19.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23708?format=api", "purl": "pkg:pypi/esphome@1.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23709?format=api", "purl": "pkg:pypi/esphome@1.19.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23710?format=api", "purl": "pkg:pypi/esphome@1.19.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23711?format=api", "purl": "pkg:pypi/esphome@1.19.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.19.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23712?format=api", "purl": "pkg:pypi/esphome@1.20.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23713?format=api", "purl": "pkg:pypi/esphome@1.20.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23714?format=api", "purl": "pkg:pypi/esphome@1.20.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23715?format=api", "purl": "pkg:pypi/esphome@1.20.0b4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.0b4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23716?format=api", "purl": "pkg:pypi/esphome@1.20.0b5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.0b5" }, { "url": "http://public2.vulnerablecode.io/api/packages/23717?format=api", "purl": "pkg:pypi/esphome@1.20.0b6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.0b6" }, { "url": "http://public2.vulnerablecode.io/api/packages/23718?format=api", "purl": "pkg:pypi/esphome@1.20.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23719?format=api", "purl": "pkg:pypi/esphome@1.20.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23720?format=api", "purl": "pkg:pypi/esphome@1.20.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23721?format=api", "purl": "pkg:pypi/esphome@1.20.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23722?format=api", "purl": "pkg:pypi/esphome@1.20.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.20.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23723?format=api", "purl": "pkg:pypi/esphome@1.21.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.21.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23724?format=api", "purl": "pkg:pypi/esphome@1.21.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.21.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23725?format=api", "purl": "pkg:pypi/esphome@1.21.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@1.21.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23726?format=api", "purl": "pkg:pypi/esphome@2021.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23727?format=api", "purl": "pkg:pypi/esphome@2021.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23728?format=api", "purl": "pkg:pypi/esphome@2021.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23729?format=api", "purl": "pkg:pypi/esphome@2021.9.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.9.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23730?format=api", "purl": "pkg:pypi/esphome@2021.9.0b2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.9.0b2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23731?format=api", "purl": "pkg:pypi/esphome@2021.9.0b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.9.0b3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23732?format=api", "purl": "pkg:pypi/esphome@2021.9.0b4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.9.0b4" }, { "url": "http://public2.vulnerablecode.io/api/packages/23733?format=api", "purl": "pkg:pypi/esphome@2021.9.0b5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.9.0b5" }, { "url": "http://public2.vulnerablecode.io/api/packages/23734?format=api", "purl": "pkg:pypi/esphome@2021.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/23735?format=api", "purl": "pkg:pypi/esphome@2021.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mff6-1k8j-jbhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/esphome@2021.9.1" } ], "references": [ { "reference_url": "https://github.com/esphome/esphome", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/esphome/esphome" }, { "reference_url": "https://github.com/esphome/esphome/commit/2234f6aacf8cc653307fed80f3750317a82c4f83", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/esphome/esphome/commit/2234f6aacf8cc653307fed80f3750317a82c4f83" }, { "reference_url": "https://github.com/esphome/esphome/commit/be965a60eba6bb769e2a5afdbc8eed132f077a59", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/esphome/esphome/commit/be965a60eba6bb769e2a5afdbc8eed132f077a59" }, { "reference_url": "https://github.com/esphome/esphome/pull/2409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/esphome/esphome/pull/2409" }, { "reference_url": "https://github.com/esphome/esphome/pull/2409/commits/207cde1667d8c799a197b78ca8a5a14de8d5ca1e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/esphome/esphome/pull/2409/commits/207cde1667d8c799a197b78ca8a5a14de8d5ca1e" }, { "reference_url": "https://github.com/esphome/esphome/releases/tag/2021.9.2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/esphome/esphome/releases/tag/2021.9.2" }, { "reference_url": "https://github.com/esphome/esphome/security/advisories/GHSA-48mj-p7x2-5jfm", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/esphome/esphome/security/advisories/GHSA-48mj-p7x2-5jfm" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/esphome/PYSEC-2021-351.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/esphome/PYSEC-2021-351.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41104", "reference_id": "CVE-2021-41104", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41104" }, { "reference_url": "https://github.com/advisories/GHSA-48mj-p7x2-5jfm", "reference_id": "GHSA-48mj-p7x2-5jfm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-48mj-p7x2-5jfm" } ], "weaknesses": [ { "cwe_id": 306, "name": "Missing Authentication for Critical Function", "description": "The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mff6-1k8j-jbhp" }