Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-cjyz-fdnv-b3g4

Summary multiple issues

Aliases

alias	CVE-2021-22945

Fixed_packages

url	pkg:alpm/archlinux/curl@7.79.0-1
purl	pkg:alpm/archlinux/curl@7.79.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/curl@7.79.0-1

url	pkg:alpm/archlinux/lib32-curl@7.79.0-1
purl	pkg:alpm/archlinux/lib32-curl@7.79.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-curl@7.79.0-1

url	pkg:alpm/archlinux/lib32-libcurl-compat@7.79.0-1
purl	pkg:alpm/archlinux/lib32-libcurl-compat@7.79.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libcurl-compat@7.79.0-1

url	pkg:alpm/archlinux/lib32-libcurl-gnutls@7.79.0-1
purl	pkg:alpm/archlinux/lib32-libcurl-gnutls@7.79.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libcurl-gnutls@7.79.0-1

url	pkg:alpm/archlinux/libcurl-compat@7.79.0-1
purl	pkg:alpm/archlinux/libcurl-compat@7.79.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-compat@7.79.0-1

url	pkg:alpm/archlinux/libcurl-gnutls@7.79.0-1
purl	pkg:alpm/archlinux/libcurl-gnutls@7.79.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-gnutls@7.79.0-1

url	pkg:conan/libcurl@7.79.1
purl	pkg:conan/libcurl@7.79.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/libcurl@7.79.1

Affected_packages

url pkg:alpm/archlinux/curl@7.78.0-1

purl pkg:alpm/archlinux/curl@7.78.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7yvu-s3p2-sfhc

vulnerability	VCID-cjyz-fdnv-b3g4

vulnerability	VCID-q8tg-prj1-y7b8

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/curl@7.78.0-1

url pkg:alpm/archlinux/lib32-curl@7.78.0-1

purl pkg:alpm/archlinux/lib32-curl@7.78.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7yvu-s3p2-sfhc

vulnerability	VCID-cjyz-fdnv-b3g4

vulnerability	VCID-q8tg-prj1-y7b8

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-curl@7.78.0-1

url pkg:alpm/archlinux/lib32-libcurl-compat@7.78.0-1

purl pkg:alpm/archlinux/lib32-libcurl-compat@7.78.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7yvu-s3p2-sfhc

vulnerability	VCID-cjyz-fdnv-b3g4

vulnerability	VCID-q8tg-prj1-y7b8

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libcurl-compat@7.78.0-1

url pkg:alpm/archlinux/lib32-libcurl-gnutls@7.78.0-1

purl pkg:alpm/archlinux/lib32-libcurl-gnutls@7.78.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7yvu-s3p2-sfhc

vulnerability	VCID-cjyz-fdnv-b3g4

vulnerability	VCID-q8tg-prj1-y7b8

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libcurl-gnutls@7.78.0-1

url pkg:alpm/archlinux/libcurl-compat@7.78.0-1

purl pkg:alpm/archlinux/libcurl-compat@7.78.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7yvu-s3p2-sfhc

vulnerability	VCID-cjyz-fdnv-b3g4

vulnerability	VCID-q8tg-prj1-y7b8

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-compat@7.78.0-1

url pkg:alpm/archlinux/libcurl-gnutls@7.78.0-1

purl pkg:alpm/archlinux/libcurl-gnutls@7.78.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7yvu-s3p2-sfhc

vulnerability	VCID-cjyz-fdnv-b3g4

vulnerability	VCID-q8tg-prj1-y7b8

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-gnutls@7.78.0-1

url pkg:conan/libcurl@7.73.0

purl pkg:conan/libcurl@7.73.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cjyz-fdnv-b3g4

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libcurl@7.73.0

url pkg:conan/libcurl@7.78.0

purl pkg:conan/libcurl@7.78.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cjyz-fdnv-b3g4

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libcurl@7.78.0

References

reference_url

https://security.archlinux.org/AVG-2384

reference_id

AVG-2384

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2384

reference_url

https://security.archlinux.org/AVG-2385

reference_id

AVG-2385

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2385

reference_url

https://security.archlinux.org/AVG-2386

reference_id

AVG-2386

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2386

reference_url

https://security.archlinux.org/AVG-2387

reference_id

AVG-2387

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2387

reference_url

https://security.archlinux.org/AVG-2388

reference_id

AVG-2388

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2388

reference_url

https://security.archlinux.org/AVG-2389

reference_id

AVG-2389

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2389

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-22945
reference_id	CVE-2021-22945
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-22945

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	415
name	Double Free
description	The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjyz-fdnv-b3g4

Vulnerability Instance