Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-zdjb-98e7-6bgn

Summary Microsoft Security Advisory CVE-2018-8292: .NET Core Information Disclosure Vulnerability

Aliases

alias	CVE-2018-8292

alias	GHSA-7jgj-8wvc-jh57

Fixed_packages

url pkg:nuget/Microsoft.AspNetCore.All@2.1.1

purl pkg:nuget/Microsoft.AspNetCore.All@2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gtv-nubh-73a9

vulnerability	VCID-aqyy-zs6z-v7ar

vulnerability	VCID-cja1-29th-9qbf

vulnerability	VCID-ct2x-rftj-tydp

vulnerability	VCID-j761-wgke-97d8

vulnerability	VCID-mrdj-nvz7-xyet

vulnerability	VCID-n3cs-wjun-vfhe

vulnerability	VCID-pa95-mtgb-yuf2

vulnerability	VCID-wzeg-jdcg-tfct

vulnerability	VCID-z54f-eupv-n7be

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.1

url	pkg:nuget/System.Net.Http@4.3.4
purl	pkg:nuget/System.Net.Http@4.3.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.3.4

Affected_packages

url pkg:nuget/Microsoft.AspNetCore.All@1.0.0

purl pkg:nuget/Microsoft.AspNetCore.All@1.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bmf7-rsbm-3fb1

vulnerability	VCID-kn85-7zpm-rqcp

vulnerability	VCID-r262-q86s-pue7

vulnerability	VCID-stea-61x4-xua6

vulnerability	VCID-ucc7-eecy-6qgq

vulnerability	VCID-vavn-24a8-e7d4

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@1.0.0

url pkg:nuget/Microsoft.AspNetCore.All@2.0.0-preview1-final

purl pkg:nuget/Microsoft.AspNetCore.All@2.0.0-preview1-final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kn85-7zpm-rqcp

vulnerability	VCID-r262-q86s-pue7

vulnerability	VCID-ucc7-eecy-6qgq

vulnerability	VCID-vavn-24a8-e7d4

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.0-preview1-final

url pkg:nuget/Microsoft.AspNetCore.All@2.0.0-preview2-final

purl pkg:nuget/Microsoft.AspNetCore.All@2.0.0-preview2-final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kn85-7zpm-rqcp

vulnerability	VCID-r262-q86s-pue7

vulnerability	VCID-ucc7-eecy-6qgq

vulnerability	VCID-vavn-24a8-e7d4

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.0-preview2-final

url pkg:nuget/Microsoft.AspNetCore.All@2.0.0

purl pkg:nuget/Microsoft.AspNetCore.All@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1t9f-878v-x3h1

vulnerability	VCID-7q42-unw8-kufd

vulnerability	VCID-bmf7-rsbm-3fb1

vulnerability	VCID-ct2x-rftj-tydp

vulnerability	VCID-kn85-7zpm-rqcp

vulnerability	VCID-r262-q86s-pue7

vulnerability	VCID-stea-61x4-xua6

vulnerability	VCID-u9fp-mh5e-6ygh

vulnerability	VCID-ucc7-eecy-6qgq

vulnerability	VCID-vavn-24a8-e7d4

vulnerability	VCID-vyrd-u846-8kdu

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.0

url pkg:nuget/Microsoft.AspNetCore.All@2.0.3

purl pkg:nuget/Microsoft.AspNetCore.All@2.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ct2x-rftj-tydp

vulnerability	VCID-vyrd-u846-8kdu

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3

url pkg:nuget/Microsoft.AspNetCore.All@2.0.5

purl pkg:nuget/Microsoft.AspNetCore.All@2.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ct2x-rftj-tydp

vulnerability	VCID-vyrd-u846-8kdu

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.5

url pkg:nuget/Microsoft.AspNetCore.All@2.0.6

purl pkg:nuget/Microsoft.AspNetCore.All@2.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ct2x-rftj-tydp

vulnerability	VCID-vyrd-u846-8kdu

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.6

url pkg:nuget/Microsoft.AspNetCore.All@2.0.7

purl pkg:nuget/Microsoft.AspNetCore.All@2.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ct2x-rftj-tydp

vulnerability	VCID-vyrd-u846-8kdu

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.7

url pkg:nuget/Microsoft.AspNetCore.All@2.0.8

purl pkg:nuget/Microsoft.AspNetCore.All@2.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ct2x-rftj-tydp

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.8

url pkg:nuget/Microsoft.AspNetCore.All@2.0.9

purl pkg:nuget/Microsoft.AspNetCore.All@2.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.9

url pkg:nuget/Microsoft.AspNetCore.All@2.1.0-preview1-final

purl pkg:nuget/Microsoft.AspNetCore.All@2.1.0-preview1-final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.0-preview1-final

url pkg:nuget/Microsoft.AspNetCore.All@2.1.0-preview2-final

purl pkg:nuget/Microsoft.AspNetCore.All@2.1.0-preview2-final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.0-preview2-final

url pkg:nuget/Microsoft.AspNetCore.All@2.1.0-rc1-final

purl pkg:nuget/Microsoft.AspNetCore.All@2.1.0-rc1-final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.0-rc1-final

url pkg:nuget/Microsoft.AspNetCore.All@2.1.0

purl pkg:nuget/Microsoft.AspNetCore.All@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gtv-nubh-73a9

vulnerability	VCID-41c2-23ch-x7ft

vulnerability	VCID-5crw-96ay-a7b7

vulnerability	VCID-9zu6-5d4v-f3ht

vulnerability	VCID-aqyy-zs6z-v7ar

vulnerability	VCID-cja1-29th-9qbf

vulnerability	VCID-ct2x-rftj-tydp

vulnerability	VCID-eeub-ree5-dyez

vulnerability	VCID-fm28-azef-buh6

vulnerability	VCID-j761-wgke-97d8

vulnerability	VCID-mrdj-nvz7-xyet

vulnerability	VCID-n3cs-wjun-vfhe

vulnerability	VCID-pa95-mtgb-yuf2

vulnerability	VCID-wzeg-jdcg-tfct

vulnerability	VCID-z54f-eupv-n7be

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.0

url pkg:nuget/System.Net.Http@2.0.20126.16343

purl pkg:nuget/System.Net.Http@2.0.20126.16343

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@2.0.20126.16343

url pkg:nuget/System.Net.Http@2.0.20505

purl pkg:nuget/System.Net.Http@2.0.20505

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@2.0.20505

url pkg:nuget/System.Net.Http@2.0.20710

purl pkg:nuget/System.Net.Http@2.0.20710

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@2.0.20710

url pkg:nuget/System.Net.Http@4.0.0-beta-22231

purl pkg:nuget/System.Net.Http@4.0.0-beta-22231

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.0-beta-22231

url pkg:nuget/System.Net.Http@4.0.0-beta-22416

purl pkg:nuget/System.Net.Http@4.0.0-beta-22416

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.0-beta-22416

url pkg:nuget/System.Net.Http@4.0.0-beta-22605

purl pkg:nuget/System.Net.Http@4.0.0-beta-22605

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.0-beta-22605

url pkg:nuget/System.Net.Http@4.0.0-beta-22816

purl pkg:nuget/System.Net.Http@4.0.0-beta-22816

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.0-beta-22816

url pkg:nuget/System.Net.Http@4.0.0-beta-23019

purl pkg:nuget/System.Net.Http@4.0.0-beta-23019

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.0-beta-23019

url pkg:nuget/System.Net.Http@4.0.0-beta-23109

purl pkg:nuget/System.Net.Http@4.0.0-beta-23109

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.0-beta-23109

url pkg:nuget/System.Net.Http@4.0.0

purl pkg:nuget/System.Net.Http@4.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.0

url pkg:nuget/System.Net.Http@4.0.1-beta-23225

purl pkg:nuget/System.Net.Http@4.0.1-beta-23225

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.1-beta-23225

url pkg:nuget/System.Net.Http@4.0.1-beta-23409

purl pkg:nuget/System.Net.Http@4.0.1-beta-23409

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.1-beta-23409

url pkg:nuget/System.Net.Http@4.0.1-beta-23516

purl pkg:nuget/System.Net.Http@4.0.1-beta-23516

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.1-beta-23516

url pkg:nuget/System.Net.Http@4.0.1-rc2-24027

purl pkg:nuget/System.Net.Http@4.0.1-rc2-24027

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.0.1-rc2-24027

url pkg:nuget/System.Net.Http@4.1.0

purl pkg:nuget/System.Net.Http@4.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.1.0

url pkg:nuget/System.Net.Http@4.1.1

purl pkg:nuget/System.Net.Http@4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-axvm-3dh9-3kf6

vulnerability	VCID-b2mg-kc6t-z7ht

vulnerability	VCID-j4d8-wr24-63d3

vulnerability	VCID-mrpr-pw4n-bfae

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.1.1

url pkg:nuget/System.Net.Http@4.1.2

purl pkg:nuget/System.Net.Http@4.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.1.2

url pkg:nuget/System.Net.Http@4.1.3

purl pkg:nuget/System.Net.Http@4.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.1.3

url pkg:nuget/System.Net.Http@4.1.4

purl pkg:nuget/System.Net.Http@4.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.1.4

url pkg:nuget/System.Net.Http@4.3.0-preview1-24530-04

purl pkg:nuget/System.Net.Http@4.3.0-preview1-24530-04

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.3.0-preview1-24530-04

url pkg:nuget/System.Net.Http@4.3.0

purl pkg:nuget/System.Net.Http@4.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.3.0

url pkg:nuget/System.Net.Http@4.3.1

purl pkg:nuget/System.Net.Http@4.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-axvm-3dh9-3kf6

vulnerability	VCID-b2mg-kc6t-z7ht

vulnerability	VCID-j4d8-wr24-63d3

vulnerability	VCID-mrpr-pw4n-bfae

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.3.1

url pkg:nuget/System.Net.Http@4.3.2

purl pkg:nuget/System.Net.Http@4.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.3.2

url pkg:nuget/System.Net.Http@4.3.3

purl pkg:nuget/System.Net.Http@4.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/System.Net.Http@4.3.3

url pkg:rpm/redhat/rh-dotnetcore10-dotnetcore@1.0.13-1?arch=el7

purl pkg:rpm/redhat/rh-dotnetcore10-dotnetcore@1.0.13-1?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-dotnetcore10-dotnetcore@1.0.13-1%3Farch=el7

url pkg:rpm/redhat/rh-dotnetcore11-dotnetcore@1.1.10-1?arch=el7

purl pkg:rpm/redhat/rh-dotnetcore11-dotnetcore@1.1.10-1?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zdjb-98e7-6bgn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-dotnetcore11-dotnetcore@1.1.10-1%3Farch=el7

References

reference_url

https://access.redhat.com/errata/RHSA-2018:2902

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2902

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8292.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8292.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-8292

reference_id

reference_type

scores

value	0.06775
scoring_system	epss
scoring_elements	0.91307
published_at	2026-04-13T12:55:00Z

value	0.06775
scoring_system	epss
scoring_elements	0.91308
published_at	2026-04-12T12:55:00Z

value	0.06775
scoring_system	epss
scoring_elements	0.91305
published_at	2026-04-11T12:55:00Z

value	0.06775
scoring_system	epss
scoring_elements	0.91298
published_at	2026-04-09T12:55:00Z

value	0.06775
scoring_system	epss
scoring_elements	0.91292
published_at	2026-04-08T12:55:00Z

value	0.06775
scoring_system	epss
scoring_elements	0.91258
published_at	2026-04-01T12:55:00Z

value	0.06775
scoring_system	epss
scoring_elements	0.9128
published_at	2026-04-07T12:55:00Z

value	0.06775
scoring_system	epss
scoring_elements	0.91263
published_at	2026-04-02T12:55:00Z

value	0.06775
scoring_system	epss
scoring_elements	0.91273
published_at	2026-04-04T12:55:00Z

value	0.06775
scoring_system	epss
scoring_elements	0.91333
published_at	2026-04-21T12:55:00Z

value	0.06775
scoring_system	epss
scoring_elements	0.91332
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-8292

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dotnet/announcements/issues/88

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/88

reference_url

http://www.securityfocus.com/bid/105548

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/105548

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1636274
reference_id	1636274
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1636274

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-8292

reference_id

CVE-2018-8292

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-8292

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292

reference_id

CVE-2018-8292

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292

reference_url

https://github.com/advisories/GHSA-7jgj-8wvc-jh57

reference_id

GHSA-7jgj-8wvc-jh57

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-7jgj-8wvc-jh57

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	201
name	Insertion of Sensitive Information Into Sent Data
description	The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.

Exploits

Severity_range_score 5.9 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zdjb-98e7-6bgn

Vulnerability Instance