Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/5694?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5694?format=api", "vulnerability_id": "VCID-rrau-77nx-mybd", "summary": "uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.", "aliases": [ { "alias": "CVE-2018-7490" }, { "alias": "GHSA-h2vm-c85r-5vh5" }, { "alias": "PYSEC-2018-78" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/399224?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=aarch64&distroversion=v3.6&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=aarch64&distroversion=v3.6&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/399225?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=armhf&distroversion=v3.6&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=armhf&distroversion=v3.6&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/399226?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=ppc64le&distroversion=v3.6&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=ppc64le&distroversion=v3.6&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/399227?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=s390x&distroversion=v3.6&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=s390x&distroversion=v3.6&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/399228?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86&distroversion=v3.6&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86&distroversion=v3.6&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/399229?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86_64&distroversion=v3.6&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86_64&distroversion=v3.6&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/467491?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=armhf&distroversion=v3.4&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=armhf&distroversion=v3.4&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/467492?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86&distroversion=v3.4&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86&distroversion=v3.4&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/467493?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86_64&distroversion=v3.4&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86_64&distroversion=v3.4&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/496061?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=aarch64&distroversion=v3.5&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=aarch64&distroversion=v3.5&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/496062?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=armhf&distroversion=v3.5&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=armhf&distroversion=v3.5&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/496063?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86&distroversion=v3.5&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86&distroversion=v3.5&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/496064?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86_64&distroversion=v3.5&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86_64&distroversion=v3.5&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/965389?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=armhf&distroversion=v3.7&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=armhf&distroversion=v3.7&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/965390?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=ppc64le&distroversion=v3.7&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=ppc64le&distroversion=v3.7&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/965391?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=s390x&distroversion=v3.7&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=s390x&distroversion=v3.7&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/965392?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86&distroversion=v3.7&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86&distroversion=v3.7&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/965393?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86_64&distroversion=v3.7&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86_64&distroversion=v3.7&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/965388?format=api", "purl": "pkg:apk/alpine/uwsgi@2.0.17-r0?arch=aarch64&distroversion=v3.7&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=aarch64&distroversion=v3.7&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036763?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.7-1%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-redt-eznr-43fv" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.7-1%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037091?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.14%2B20161117-3%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-redt-eznr-43fv" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.14%252B20161117-3%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/941986?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.15-10.4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.15-10.4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052091?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.18-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.18-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/941982?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.19.1-7.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.19.1-7.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941980?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.21-5.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.21-5.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941985?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.28-9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.28-9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941983?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.31-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.31-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941984?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.31-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.31-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/5771?format=api", "purl": "pkg:pypi/uwsgi@2.0.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.17" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036761?format=api", "purl": "pkg:deb/debian/uwsgi@1.2.3%2Bdfsg-5%2Bdeb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-redt-eznr-43fv" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@1.2.3%252Bdfsg-5%252Bdeb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036762?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.7-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-redt-eznr-43fv" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.7-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036763?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.7-1%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-redt-eznr-43fv" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.7-1%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037091?format=api", "purl": "pkg:deb/debian/uwsgi@2.0.14%2B20161117-3%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-redt-eznr-43fv" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.14%252B20161117-3%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5722?format=api", "purl": "pkg:pypi/uwsgi@1.4.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.4.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5723?format=api", "purl": "pkg:pypi/uwsgi@1.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.4.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/5724?format=api", "purl": "pkg:pypi/uwsgi@1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5725?format=api", "purl": "pkg:pypi/uwsgi@1.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5726?format=api", "purl": "pkg:pypi/uwsgi@1.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5727?format=api", "purl": "pkg:pypi/uwsgi@1.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/5728?format=api", "purl": "pkg:pypi/uwsgi@1.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/5729?format=api", "purl": "pkg:pypi/uwsgi@1.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/5730?format=api", "purl": "pkg:pypi/uwsgi@1.9.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5731?format=api", "purl": "pkg:pypi/uwsgi@1.9.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5732?format=api", "purl": "pkg:pypi/uwsgi@1.9.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5733?format=api", "purl": "pkg:pypi/uwsgi@1.9.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5734?format=api", "purl": "pkg:pypi/uwsgi@1.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/5735?format=api", "purl": "pkg:pypi/uwsgi@1.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5736?format=api", "purl": "pkg:pypi/uwsgi@1.9.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/5737?format=api", "purl": "pkg:pypi/uwsgi@1.9.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/5738?format=api", "purl": "pkg:pypi/uwsgi@1.9.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/5739?format=api", "purl": "pkg:pypi/uwsgi@1.9.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/5740?format=api", "purl": "pkg:pypi/uwsgi@1.9.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/5741?format=api", "purl": "pkg:pypi/uwsgi@1.9.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/5742?format=api", "purl": "pkg:pypi/uwsgi@1.9.17.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.17.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5743?format=api", "purl": "pkg:pypi/uwsgi@1.9.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/5744?format=api", "purl": "pkg:pypi/uwsgi@1.9.18.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.18.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5745?format=api", "purl": "pkg:pypi/uwsgi@1.9.18.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.18.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5746?format=api", "purl": "pkg:pypi/uwsgi@1.9.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/5747?format=api", "purl": "pkg:pypi/uwsgi@1.9.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/5748?format=api", "purl": "pkg:pypi/uwsgi@1.9.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/5749?format=api", "purl": "pkg:pypi/uwsgi@1.9.21.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.21.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5750?format=api", "purl": "pkg:pypi/uwsgi@2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/5751?format=api", "purl": "pkg:pypi/uwsgi@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5752?format=api", "purl": "pkg:pypi/uwsgi@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5753?format=api", "purl": "pkg:pypi/uwsgi@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/5754?format=api", "purl": "pkg:pypi/uwsgi@2.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/5755?format=api", "purl": "pkg:pypi/uwsgi@2.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/5756?format=api", "purl": "pkg:pypi/uwsgi@2.0.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5757?format=api", "purl": "pkg:pypi/uwsgi@2.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5758?format=api", "purl": "pkg:pypi/uwsgi@2.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5759?format=api", "purl": "pkg:pypi/uwsgi@2.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5760?format=api", "purl": "pkg:pypi/uwsgi@2.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5761?format=api", "purl": "pkg:pypi/uwsgi@2.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/5762?format=api", "purl": "pkg:pypi/uwsgi@2.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5763?format=api", "purl": "pkg:pypi/uwsgi@2.0.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5764?format=api", "purl": "pkg:pypi/uwsgi@2.0.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.11.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5765?format=api", "purl": "pkg:pypi/uwsgi@2.0.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/5766?format=api", "purl": "pkg:pypi/uwsgi@2.0.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/5767?format=api", "purl": "pkg:pypi/uwsgi@2.0.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5768?format=api", "purl": "pkg:pypi/uwsgi@2.0.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/5769?format=api", "purl": "pkg:pypi/uwsgi@2.0.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/5770?format=api", "purl": "pkg:pypi/uwsgi@2.0.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-rrau-77nx-mybd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.16" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7490", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93301", "scoring_system": "epss", "scoring_elements": "0.99804", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.93301", "scoring_system": "epss", "scoring_elements": "0.99806", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.93301", "scoring_system": "epss", "scoring_elements": "0.99805", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.93301", "scoring_system": "epss", "scoring_elements": "0.99803", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7490" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7490" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/uwsgi/PYSEC-2018-78.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/uwsgi/PYSEC-2018-78.yaml" }, { "reference_url": "https://github.com/unbit/uwsgi", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/unbit/uwsgi" }, { "reference_url": "https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a" }, { "reference_url": "https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.17.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.17.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4142", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4142" }, { "reference_url": "https://www.exploit-db.com/exploits/44223", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/44223" }, { "reference_url": "https://www.exploit-db.com/exploits/44223/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44223/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891639", "reference_id": "891639", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891639" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44223.txt", "reference_id": "CVE-2018-7490", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44223.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7490", "reference_id": "CVE-2018-7490", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7490" }, { "reference_url": "https://github.com/advisories/GHSA-h2vm-c85r-5vh5", "reference_id": "GHSA-h2vm-c85r-5vh5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h2vm-c85r-5vh5" } ], "weaknesses": [ { "cwe_id": 22, "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "description": "The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [ { "date_added": "2018-03-02", "description": "uWSGI < 2.0.17 - Directory Traversal", "required_action": null, "due_date": null, "notes": null, "known_ransomware_campaign_use": true, "source_date_published": "2018-03-02", "exploit_type": "webapps", "platform": "php", "source_date_updated": "2018-03-02", "data_source": "Exploit-DB", "source_url": "" } ], "severity_range_score": "7.0 - 8.9", "exploitability": "2.0", "weighted_severity": "8.0", "risk_score": 10.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrau-77nx-mybd" }