Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/36859?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36859?format=api", "vulnerability_id": "VCID-3ev2-cjep-w3fd", "summary": "Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In Indico prior to version 3.3.4, corresponding to Flask-Multipass prior to version 0.5.5, there is a Cross-Site-Scripting vulnerability during account creation when redirecting to the `next` URL. Exploitation requires initiating the account creation process with a maliciously crafted link, and then finalizing the signup process. Because of this, it can only target newly created (and thus unprivileged) Indico users. Indico 3.3.4 upgrades the dependency on Flask-Multipass to version 0.5.5, which fixes the issue. Those who build the Indico package themselves and cannot upgrade can update the `flask-multipass` dependency to `>=0.5.5` which fixes the vulnerability. Otherwise one could configure one's web server to disallow requests containing a query string with a `next` parameter that starts with `javascript:`.", "aliases": [ { "alias": "CVE-2024-45399" }, { "alias": "GHSA-rrqf-w74j-24ff" }, { "alias": "PYSEC-2024-90" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/42580?format=api", "purl": "pkg:pypi/indico@3.3.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.3.4" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/20630?format=api", "purl": "pkg:pypi/indico@0.98rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@0.98rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20631?format=api", "purl": "pkg:pypi/indico@0.98.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@0.98.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/20632?format=api", "purl": "pkg:pypi/indico@0.98.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@0.98.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20633?format=api", "purl": "pkg:pypi/indico@0.98.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@0.98.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20634?format=api", "purl": "pkg:pypi/indico@0.99", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@0.99" }, { "url": "http://public2.vulnerablecode.io/api/packages/20635?format=api", "purl": "pkg:pypi/indico@1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/20636?format=api", "purl": "pkg:pypi/indico@1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20637?format=api", "purl": "pkg:pypi/indico@1.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20638?format=api", "purl": "pkg:pypi/indico@1.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20639?format=api", "purl": "pkg:pypi/indico@1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20640?format=api", "purl": "pkg:pypi/indico@1.2.1rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.1rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20641?format=api", "purl": "pkg:pypi/indico@1.2.1rc4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.1rc4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20642?format=api", "purl": "pkg:pypi/indico@1.2.1rc5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.1rc5" }, { "url": "http://public2.vulnerablecode.io/api/packages/20643?format=api", "purl": "pkg:pypi/indico@1.2.1rc6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.1rc6" }, { "url": "http://public2.vulnerablecode.io/api/packages/20644?format=api", "purl": "pkg:pypi/indico@1.2.1rc7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.1rc7" }, { "url": "http://public2.vulnerablecode.io/api/packages/20645?format=api", "purl": "pkg:pypi/indico@1.2.1rc9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.1rc9" }, { "url": "http://public2.vulnerablecode.io/api/packages/20646?format=api", "purl": "pkg:pypi/indico@1.2.1rc10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.1rc10" }, { "url": "http://public2.vulnerablecode.io/api/packages/20647?format=api", "purl": "pkg:pypi/indico@1.2.1rc11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.1rc11" }, { "url": "http://public2.vulnerablecode.io/api/packages/20648?format=api", "purl": "pkg:pypi/indico@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20649?format=api", "purl": "pkg:pypi/indico@1.2.2rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.2rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20650?format=api", "purl": "pkg:pypi/indico@1.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20651?format=api", "purl": "pkg:pypi/indico@1.9.11.dev3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20652?format=api", "purl": "pkg:pypi/indico@1.9.11.dev4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20653?format=api", "purl": "pkg:pypi/indico@1.9.11.dev6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev6" }, { "url": "http://public2.vulnerablecode.io/api/packages/20654?format=api", "purl": "pkg:pypi/indico@1.9.11.dev7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev7" }, { "url": "http://public2.vulnerablecode.io/api/packages/20655?format=api", "purl": "pkg:pypi/indico@1.9.11.dev8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev8" }, { "url": "http://public2.vulnerablecode.io/api/packages/20656?format=api", "purl": "pkg:pypi/indico@1.9.11.dev9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev9" }, { "url": "http://public2.vulnerablecode.io/api/packages/20657?format=api", "purl": "pkg:pypi/indico@1.9.11.dev10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev10" }, { "url": "http://public2.vulnerablecode.io/api/packages/20658?format=api", "purl": "pkg:pypi/indico@1.9.11.dev11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev11" }, { "url": "http://public2.vulnerablecode.io/api/packages/20659?format=api", "purl": "pkg:pypi/indico@1.9.11.dev12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev12" }, { "url": "http://public2.vulnerablecode.io/api/packages/20660?format=api", "purl": "pkg:pypi/indico@1.9.11.dev13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev13" }, { "url": "http://public2.vulnerablecode.io/api/packages/20661?format=api", "purl": "pkg:pypi/indico@1.9.11.dev14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev14" }, { "url": "http://public2.vulnerablecode.io/api/packages/20662?format=api", "purl": "pkg:pypi/indico@1.9.11.dev15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev15" }, { "url": "http://public2.vulnerablecode.io/api/packages/20663?format=api", "purl": "pkg:pypi/indico@1.9.11.dev16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev16" }, { "url": "http://public2.vulnerablecode.io/api/packages/20664?format=api", "purl": "pkg:pypi/indico@1.9.11.dev17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@1.9.11.dev17" }, { "url": "http://public2.vulnerablecode.io/api/packages/20665?format=api", "purl": "pkg:pypi/indico@2.0a1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.0a1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20666?format=api", "purl": "pkg:pypi/indico@2.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20667?format=api", "purl": "pkg:pypi/indico@2.0rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.0rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20668?format=api", "purl": "pkg:pypi/indico@2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/20669?format=api", "purl": "pkg:pypi/indico@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20670?format=api", "purl": "pkg:pypi/indico@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20671?format=api", "purl": "pkg:pypi/indico@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20672?format=api", "purl": "pkg:pypi/indico@2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20673?format=api", "purl": "pkg:pypi/indico@2.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20674?format=api", "purl": "pkg:pypi/indico@2.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20675?format=api", "purl": "pkg:pypi/indico@2.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20676?format=api", "purl": "pkg:pypi/indico@2.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20677?format=api", "purl": "pkg:pypi/indico@2.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/20678?format=api", "purl": "pkg:pypi/indico@2.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/20679?format=api", "purl": "pkg:pypi/indico@2.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/20680?format=api", "purl": "pkg:pypi/indico@2.1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/20681?format=api", "purl": "pkg:pypi/indico@2.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/20682?format=api", "purl": "pkg:pypi/indico@2.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/20683?format=api", "purl": "pkg:pypi/indico@2.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/20684?format=api", "purl": "pkg:pypi/indico@2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20685?format=api", "purl": "pkg:pypi/indico@2.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20686?format=api", "purl": "pkg:pypi/indico@2.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20687?format=api", "purl": "pkg:pypi/indico@2.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20688?format=api", "purl": "pkg:pypi/indico@2.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20689?format=api", "purl": "pkg:pypi/indico@2.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/20690?format=api", "purl": "pkg:pypi/indico@2.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/20691?format=api", "purl": "pkg:pypi/indico@2.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/20692?format=api", "purl": "pkg:pypi/indico@2.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/20693?format=api", "purl": "pkg:pypi/indico@2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20694?format=api", "purl": "pkg:pypi/indico@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20695?format=api", "purl": "pkg:pypi/indico@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20696?format=api", "purl": "pkg:pypi/indico@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" }, { "vulnerability": "VCID-u63h-ajt2-tbft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20697?format=api", "purl": "pkg:pypi/indico@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/35032?format=api", "purl": "pkg:pypi/indico@2.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@2.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/35033?format=api", "purl": "pkg:pypi/indico@3.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/35034?format=api", "purl": "pkg:pypi/indico@3.0rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.0rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/35035?format=api", "purl": "pkg:pypi/indico@3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35036?format=api", "purl": "pkg:pypi/indico@3.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/35037?format=api", "purl": "pkg:pypi/indico@3.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/35038?format=api", "purl": "pkg:pypi/indico@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/35039?format=api", "purl": "pkg:pypi/indico@3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/35040?format=api", "purl": "pkg:pypi/indico@3.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/35041?format=api", "purl": "pkg:pypi/indico@3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/35042?format=api", "purl": "pkg:pypi/indico@3.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/35043?format=api", "purl": "pkg:pypi/indico@3.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/35044?format=api", "purl": "pkg:pypi/indico@3.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/35045?format=api", "purl": "pkg:pypi/indico@3.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/35046?format=api", "purl": "pkg:pypi/indico@3.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" }, { "vulnerability": "VCID-n2kf-a5f2-h7d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/35047?format=api", "purl": "pkg:pypi/indico@3.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/42573?format=api", "purl": "pkg:pypi/indico@3.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/42574?format=api", "purl": "pkg:pypi/indico@3.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/42575?format=api", "purl": "pkg:pypi/indico@3.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/42576?format=api", "purl": "pkg:pypi/indico@3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/42577?format=api", "purl": "pkg:pypi/indico@3.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/42578?format=api", "purl": "pkg:pypi/indico@3.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42579?format=api", "purl": "pkg:pypi/indico@3.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ev2-cjep-w3fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/indico@3.3.3" } ], "references": [ { "reference_url": "https://github.com/indico/flask-multipass/commit/0bdcf656d469e5f675cb56fd644d82fea3a97c2a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://github.com/indico/flask-multipass/commit/0bdcf656d469e5f675cb56fd644d82fea3a97c2a" }, { "reference_url": "https://github.com/indico/indico/commit/7dcb573837b9fd09d95f74d1baeae225b164cc8f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://github.com/indico/indico/commit/7dcb573837b9fd09d95f74d1baeae225b164cc8f" }, { "reference_url": "https://github.com/indico/indico/releases/tag/v3.3.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://github.com/indico/indico/releases/tag/v3.3.4" }, { "reference_url": "https://github.com/indico/indico/security/advisories/GHSA-rrqf-w74j-24ff", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://github.com/indico/indico/security/advisories/GHSA-rrqf-w74j-24ff" } ], "weaknesses": [], "exploits": [], "severity_range_score": "6.1 - 6.1", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ev2-cjep-w3fd" }