Lookup for vulnerabilities affecting packages.
| Vulnerability_id | VCID-g36a-kpzd-3bdf |
| Summary | multiple issues |
| Aliases |
| 0 |
|
| 1 |
| alias |
GHSA-pf38-cw3p-22q9 |
|
|
| Fixed_packages |
|
| Affected_packages |
|
| References |
|
| Weaknesses |
| 0 |
| cwe_id |
1035 |
| name |
OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities |
| description |
Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017. |
|
| 1 |
| cwe_id |
937 |
| name |
OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities |
| description |
Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013. |
|
| 2 |
| cwe_id |
287 |
| name |
Improper Authentication |
| description |
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
|
|
| Exploits |
|
| Severity_range_score | 4.0 - 8.9 |
| Exploitability | 0.5 |
| Weighted_severity | 8.0 |
| Risk_score | 4.0 |
| Resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-g36a-kpzd-3bdf |