Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-2zwf-1hng-1qhv

Summary HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didnâ€˜t distinguish between cookies and hosts they belonged. This behavior resulted in the exposure of some cookies when there are redirects originating from the actual host to a third party website. Users are advised to upgrade. There are no known workarounds.

Aliases

alias	CVE-2022-24737

alias	GHSA-9w4w-cpc8-h2fq

alias	PYSEC-2022-34

Fixed_packages

url	pkg:pypi/httpie@3.1.0
purl	pkg:pypi/httpie@3.1.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@3.1.0

Affected_packages

url pkg:pypi/httpie@0.1

purl pkg:pypi/httpie@0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.1

url pkg:pypi/httpie@0.1.1

purl pkg:pypi/httpie@0.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.1.1

url pkg:pypi/httpie@0.1.2

purl pkg:pypi/httpie@0.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.1.2

url pkg:pypi/httpie@0.1.3

purl pkg:pypi/httpie@0.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.1.3

url pkg:pypi/httpie@0.1.4

purl pkg:pypi/httpie@0.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.1.4

url pkg:pypi/httpie@0.1.5

purl pkg:pypi/httpie@0.1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.1.5

url pkg:pypi/httpie@0.1.6

purl pkg:pypi/httpie@0.1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.1.6

url pkg:pypi/httpie@0.2.0

purl pkg:pypi/httpie@0.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.2.0

url pkg:pypi/httpie@0.2.1

purl pkg:pypi/httpie@0.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.2.1

url pkg:pypi/httpie@0.2.2

purl pkg:pypi/httpie@0.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.2.2

url pkg:pypi/httpie@0.2.3

purl pkg:pypi/httpie@0.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.2.3

url pkg:pypi/httpie@0.2.4.dev0

purl pkg:pypi/httpie@0.2.4.dev0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.2.4.dev0

url pkg:pypi/httpie@0.2.4

purl pkg:pypi/httpie@0.2.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.2.4

url pkg:pypi/httpie@0.2.5

purl pkg:pypi/httpie@0.2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.2.5

url pkg:pypi/httpie@0.2.6

purl pkg:pypi/httpie@0.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.2.6

url pkg:pypi/httpie@0.2.7

purl pkg:pypi/httpie@0.2.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.2.7

url pkg:pypi/httpie@0.3.0

purl pkg:pypi/httpie@0.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.3.0

url pkg:pypi/httpie@0.3.1

purl pkg:pypi/httpie@0.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.3.1

url pkg:pypi/httpie@0.4.0

purl pkg:pypi/httpie@0.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.4.0

url pkg:pypi/httpie@0.4.1

purl pkg:pypi/httpie@0.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.4.1

url pkg:pypi/httpie@0.5.0

purl pkg:pypi/httpie@0.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.5.0

url pkg:pypi/httpie@0.5.1

purl pkg:pypi/httpie@0.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.5.1

url pkg:pypi/httpie@0.6.0

purl pkg:pypi/httpie@0.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.6.0

url pkg:pypi/httpie@0.7.0

purl pkg:pypi/httpie@0.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.7.0

url pkg:pypi/httpie@0.7.2

purl pkg:pypi/httpie@0.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.7.2

url pkg:pypi/httpie@0.8.0

purl pkg:pypi/httpie@0.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.8.0

url pkg:pypi/httpie@0.9.0

purl pkg:pypi/httpie@0.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.9.0

url pkg:pypi/httpie@0.9.1

purl pkg:pypi/httpie@0.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.9.1

url pkg:pypi/httpie@0.9.2

purl pkg:pypi/httpie@0.9.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.9.2

url pkg:pypi/httpie@0.9.3

purl pkg:pypi/httpie@0.9.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.9.3

url pkg:pypi/httpie@0.9.4

purl pkg:pypi/httpie@0.9.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.9.4

url pkg:pypi/httpie@0.9.5

purl pkg:pypi/httpie@0.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.9.5

url pkg:pypi/httpie@0.9.6

purl pkg:pypi/httpie@0.9.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.9.6

url pkg:pypi/httpie@0.9.7

purl pkg:pypi/httpie@0.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.9.7

url pkg:pypi/httpie@0.9.8

purl pkg:pypi/httpie@0.9.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.9.8

url pkg:pypi/httpie@0.9.9

purl pkg:pypi/httpie@0.9.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@0.9.9

url pkg:pypi/httpie@1.0.0

purl pkg:pypi/httpie@1.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@1.0.0

url pkg:pypi/httpie@1.0.2

purl pkg:pypi/httpie@1.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21mn-an3r-9kc5

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@1.0.2

url pkg:pypi/httpie@1.0.3

purl pkg:pypi/httpie@1.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@1.0.3

url pkg:pypi/httpie@2.0.0

purl pkg:pypi/httpie@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@2.0.0

url pkg:pypi/httpie@2.1.0

purl pkg:pypi/httpie@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@2.1.0

url pkg:pypi/httpie@2.2.0

purl pkg:pypi/httpie@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@2.2.0

url pkg:pypi/httpie@2.3.0

purl pkg:pypi/httpie@2.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@2.3.0

url pkg:pypi/httpie@2.4.0

purl pkg:pypi/httpie@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@2.4.0

url pkg:pypi/httpie@2.5.0

purl pkg:pypi/httpie@2.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@2.5.0

url pkg:pypi/httpie@2.6.0

purl pkg:pypi/httpie@2.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@2.6.0

url pkg:pypi/httpie@3.0.0

purl pkg:pypi/httpie@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@3.0.0

url pkg:pypi/httpie@3.0.1

purl pkg:pypi/httpie@3.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@3.0.1

url pkg:pypi/httpie@3.0.2

purl pkg:pypi/httpie@3.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2zwf-1hng-1qhv

vulnerability	VCID-gh63-eg4m-bbcr

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/httpie@3.0.2

References

reference_url	https://github.com/httpie/httpie
reference_id
reference_type
scores
url	https://github.com/httpie/httpie

reference_url	https://github.com/httpie/httpie/commit/65ab7d5caaaf2f95e61f9dd65441801c2ddee38b
reference_id
reference_type
scores
url	https://github.com/httpie/httpie/commit/65ab7d5caaaf2f95e61f9dd65441801c2ddee38b

reference_url	https://github.com/httpie/httpie/releases/tag/3.1.0
reference_id
reference_type
scores
url	https://github.com/httpie/httpie/releases/tag/3.1.0

reference_url	https://github.com/httpie/httpie/security/advisories/GHSA-9w4w-cpc8-h2fq
reference_id
reference_type
scores
url	https://github.com/httpie/httpie/security/advisories/GHSA-9w4w-cpc8-h2fq

reference_url	https://github.com/pypa/advisory-database/tree/main/vulns/httpie/PYSEC-2022-34.yaml
reference_id
reference_type
scores
url	https://github.com/pypa/advisory-database/tree/main/vulns/httpie/PYSEC-2022-34.yaml

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QZD2AZOL7XLNZVAV6GDNXYU6MFRU5RS
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QZD2AZOL7XLNZVAV6GDNXYU6MFRU5RS

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5VYSYKEKVZEVEBIWAADGDXG4Y3EWCQ3
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5VYSYKEKVZEVEBIWAADGDXG4Y3EWCQ3

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXFCHGTW3V32GD6GXXJZE5QAOSDT3RTY
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXFCHGTW3V32GD6GXXJZE5QAOSDT3RTY

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-24737
reference_id	CVE-2022-24737
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-24737

reference_url	https://github.com/advisories/GHSA-9w4w-cpc8-h2fq
reference_id	GHSA-9w4w-cpc8-h2fq
reference_type
scores
url	https://github.com/advisories/GHSA-9w4w-cpc8-h2fq

Weaknesses

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zwf-1hng-1qhv

Vulnerability Instance