Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-cac1-6pc9-b7dk
Summarymultiple issues
Aliases
0
alias CVE-2022-28152
Fixed_packages
Affected_packages
0
url pkg:alpm/archlinux/jenkins@0.0.0-1
purl pkg:alpm/archlinux/jenkins@0.0.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1f36-mb19-ekc6
1
vulnerability VCID-1sg5-6gex-cyae
2
vulnerability VCID-2jat-5p7d-5be7
3
vulnerability VCID-6137-xkv6-67fk
4
vulnerability VCID-6f1s-6s41-pbbf
5
vulnerability VCID-6tby-c8m9-8fa4
6
vulnerability VCID-cac1-6pc9-b7dk
7
vulnerability VCID-cwc1-nzpc-fyfr
8
vulnerability VCID-cyfd-9119-2fdw
9
vulnerability VCID-ftw8-nfye-7yhh
10
vulnerability VCID-fz9s-yf99-dfar
11
vulnerability VCID-g87t-gavy-2ya7
12
vulnerability VCID-j9k1-j2jp-4kby
13
vulnerability VCID-k3c2-2pyd-k3gt
14
vulnerability VCID-khxm-1xrt-gkdw
15
vulnerability VCID-mqt9-wg22-v7bu
16
vulnerability VCID-mu1p-vu5x-3uee
17
vulnerability VCID-prpy-d6x8-pyeh
18
vulnerability VCID-re41-2q1a-mqcc
19
vulnerability VCID-rzfx-qvsg-h3bc
20
vulnerability VCID-ufuu-uzwu-t3ch
21
vulnerability VCID-vfhs-gj15-w3ap
22
vulnerability VCID-vndb-qfma-5bck
23
vulnerability VCID-vrpe-ujhk-73a1
24
vulnerability VCID-vuaf-1q4p-ybgm
25
vulnerability VCID-xbmu-pf5c-9yc9
26
vulnerability VCID-xzg7-ks27-kucx
27
vulnerability VCID-zjak-pgjk-9fgm
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jenkins@0.0.0-1
1
url pkg:maven/com.synopsys.jenkinsci/ownership@0.13.0
purl pkg:maven/com.synopsys.jenkinsci/ownership@0.13.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1f36-mb19-ekc6
1
vulnerability VCID-cac1-6pc9-b7dk
2
vulnerability VCID-mqt9-wg22-v7bu
3
vulnerability VCID-xbmu-pf5c-9yc9
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.synopsys.jenkinsci/ownership@0.13.0
References
0
reference_url https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20(2)
reference_id
reference_type
scores
url https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20(2)
1
reference_url http://www.openwall.com/lists/oss-security/2022/03/29/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2022/03/29/1
2
reference_url https://security.archlinux.org/AVG-2678
reference_id AVG-2678
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2678
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-28152
reference_id CVE-2022-28152
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-28152
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 352
name Cross-Site Request Forgery (CSRF)
description The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-cac1-6pc9-b7dk