Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-a43t-774n-kbb7

Summary

UnsyncByteArrayOutputStream Denial of Service
This package allows remote attackers to affect availability via unknown vectors related to Security.

Aliases

alias	CVE-2013-5823

Fixed_packages

url	pkg:maven/org.apache.santuario/xmlsec@1.5.3
purl	pkg:maven/org.apache.santuario/xmlsec@1.5.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@1.5.3

Affected_packages

url pkg:maven/org.apache.santuario/xmlsec@1.4-alpha0

purl pkg:maven/org.apache.santuario/xmlsec@1.4-alpha0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a43t-774n-kbb7

vulnerability	VCID-pfcq-4wxh-ckdv

vulnerability	VCID-qspg-3tg3-p7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@1.4-alpha0

url pkg:maven/org.apache.santuario/xmlsec@1.4.7

purl pkg:maven/org.apache.santuario/xmlsec@1.4.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a43t-774n-kbb7

vulnerability	VCID-qspg-3tg3-p7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@1.4.7

url pkg:maven/org.apache.santuario/xmlsec@1.5-alpha0

purl pkg:maven/org.apache.santuario/xmlsec@1.5-alpha0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a43t-774n-kbb7

vulnerability	VCID-qspg-3tg3-p7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@1.5-alpha0

url pkg:maven/org.apache.santuario/xmlsec@1.5.2

purl pkg:maven/org.apache.santuario/xmlsec@1.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a43t-774n-kbb7

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@1.5.2

References

reference_url	http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/a7758faab30d
reference_id
reference_type
scores
url	http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/a7758faab30d

reference_url	https://issues.apache.org/jira/browse/SANTUARIO-334
reference_id
reference_type
scores
url	https://issues.apache.org/jira/browse/SANTUARIO-334

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1367492
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1367492

reference_url	https://bugzilla.redhat.com/CVE-2013-5823
reference_id	CVE-2013-5823
reference_type
scores
url	https://bugzilla.redhat.com/CVE-2013-5823

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a43t-774n-kbb7

Vulnerability Instance