Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-cmy6-8sjv-n3h1

Summary

Exposure of Sensitive Information to an Unauthorized Actor
The diffie_hellman_sha256 function in kex.c in libssh2 improperly truncates secrets to bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."

Aliases

alias	CVE-2016-0787

Fixed_packages

url	pkg:apk/alpine/libssh2@1.7.0-r0?arch=armhf&distroversion=v3.4&reponame=main
purl	pkg:apk/alpine/libssh2@1.7.0-r0?arch=armhf&distroversion=v3.4&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libssh2@1.7.0-r0%3Farch=armhf&distroversion=v3.4&reponame=main

url	pkg:apk/alpine/libssh2@1.7.0-r0?arch=x86_64&distroversion=v3.4&reponame=main
purl	pkg:apk/alpine/libssh2@1.7.0-r0?arch=x86_64&distroversion=v3.4&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libssh2@1.7.0-r0%3Farch=x86_64&distroversion=v3.4&reponame=main

url	pkg:apk/alpine/libssh2@1.7.0-r0?arch=x86&distroversion=v3.4&reponame=main
purl	pkg:apk/alpine/libssh2@1.7.0-r0?arch=x86&distroversion=v3.4&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libssh2@1.7.0-r0%3Farch=x86&distroversion=v3.4&reponame=main

url pkg:deb/debian/libssh2@1.4.2-1.1%2Bdeb7u2

purl pkg:deb/debian/libssh2@1.4.2-1.1%2Bdeb7u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-97nz-s1q6-x3fc

vulnerability	VCID-bcba-qntz-gkez

vulnerability	VCID-chdt-29cx-dyas

vulnerability	VCID-cmy6-8sjv-n3h1

vulnerability	VCID-f1me-9vqd-j7f6

vulnerability	VCID-grd5-zwxv-cqfw

vulnerability	VCID-gv2u-298u-jkcv

vulnerability	VCID-jp7j-dwbq-zkgk

vulnerability	VCID-k1js-k8q3-ekb2

vulnerability	VCID-mevw-g6yq-eqa8

vulnerability	VCID-qjzc-2hvn-2qg3

vulnerability	VCID-rv81-jwkz-w7b5

vulnerability	VCID-sy5b-nfqk-6ucm

vulnerability	VCID-wka6-6yn3-ubb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.4.2-1.1%252Bdeb7u2

url pkg:deb/debian/libssh2@1.4.3-4.1%2Bdeb8u1

purl pkg:deb/debian/libssh2@1.4.3-4.1%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-97nz-s1q6-x3fc

vulnerability	VCID-bcba-qntz-gkez

vulnerability	VCID-cmy6-8sjv-n3h1

vulnerability	VCID-f1me-9vqd-j7f6

vulnerability	VCID-grd5-zwxv-cqfw

vulnerability	VCID-gv2u-298u-jkcv

vulnerability	VCID-jp7j-dwbq-zkgk

vulnerability	VCID-k1js-k8q3-ekb2

vulnerability	VCID-mevw-g6yq-eqa8

vulnerability	VCID-qjzc-2hvn-2qg3

vulnerability	VCID-rv81-jwkz-w7b5

vulnerability	VCID-sy5b-nfqk-6ucm

vulnerability	VCID-wka6-6yn3-ubb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.4.3-4.1%252Bdeb8u1

url	pkg:deb/debian/libssh2@1.5.0-2.1?distro=trixie
purl	pkg:deb/debian/libssh2@1.5.0-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.5.0-2.1%3Fdistro=trixie

url pkg:deb/debian/libssh2@1.7.0-1%2Bdeb9u1

purl pkg:deb/debian/libssh2@1.7.0-1%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-97nz-s1q6-x3fc

vulnerability	VCID-bcba-qntz-gkez

vulnerability	VCID-f1me-9vqd-j7f6

vulnerability	VCID-grd5-zwxv-cqfw

vulnerability	VCID-gv2u-298u-jkcv

vulnerability	VCID-jp7j-dwbq-zkgk

vulnerability	VCID-k1js-k8q3-ekb2

vulnerability	VCID-mevw-g6yq-eqa8

vulnerability	VCID-qjzc-2hvn-2qg3

vulnerability	VCID-rv81-jwkz-w7b5

vulnerability	VCID-sy5b-nfqk-6ucm

vulnerability	VCID-wka6-6yn3-ubb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.7.0-1%252Bdeb9u1

url	pkg:deb/debian/libssh2@1.9.0-2%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libssh2@1.9.0-2%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.9.0-2%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libssh2@1.10.0-3?distro=trixie
purl	pkg:deb/debian/libssh2@1.10.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.10.0-3%3Fdistro=trixie

url	pkg:deb/debian/libssh2@1.11.1-1?distro=trixie
purl	pkg:deb/debian/libssh2@1.11.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.11.1-1%3Fdistro=trixie

url	pkg:deb/debian/libssh2@1.11.1-2?distro=trixie
purl	pkg:deb/debian/libssh2@1.11.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.11.1-2%3Fdistro=trixie

url	pkg:ebuild/net-libs/libssh@0.7.3
purl	pkg:ebuild/net-libs/libssh@0.7.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/libssh@0.7.3

url	pkg:ebuild/net-libs/libssh2@0.7.3
purl	pkg:ebuild/net-libs/libssh2@0.7.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/libssh2@0.7.3

url	pkg:ebuild/net-libs/libssh2@1.7.0
purl	pkg:ebuild/net-libs/libssh2@1.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/libssh2@1.7.0

url pkg:nuget/libssh2-vc141_xp@1.8.2

purl pkg:nuget/libssh2-vc141_xp@1.8.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-grd5-zwxv-cqfw

vulnerability	VCID-jp7j-dwbq-zkgk

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/libssh2-vc141_xp@1.8.2

Affected_packages

url pkg:deb/debian/libssh2@0.18-1

purl pkg:deb/debian/libssh2@0.18-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-97nz-s1q6-x3fc

vulnerability	VCID-bcba-qntz-gkez

vulnerability	VCID-chdt-29cx-dyas

vulnerability	VCID-cmy6-8sjv-n3h1

vulnerability	VCID-f1me-9vqd-j7f6

vulnerability	VCID-grd5-zwxv-cqfw

vulnerability	VCID-gv2u-298u-jkcv

vulnerability	VCID-jp7j-dwbq-zkgk

vulnerability	VCID-k1js-k8q3-ekb2

vulnerability	VCID-mevw-g6yq-eqa8

vulnerability	VCID-qjzc-2hvn-2qg3

vulnerability	VCID-rv81-jwkz-w7b5

vulnerability	VCID-sy5b-nfqk-6ucm

vulnerability	VCID-wka6-6yn3-ubb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@0.18-1

url pkg:deb/debian/libssh2@1.2.6-1

purl pkg:deb/debian/libssh2@1.2.6-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-97nz-s1q6-x3fc

vulnerability	VCID-bcba-qntz-gkez

vulnerability	VCID-chdt-29cx-dyas

vulnerability	VCID-cmy6-8sjv-n3h1

vulnerability	VCID-f1me-9vqd-j7f6

vulnerability	VCID-grd5-zwxv-cqfw

vulnerability	VCID-gv2u-298u-jkcv

vulnerability	VCID-jp7j-dwbq-zkgk

vulnerability	VCID-k1js-k8q3-ekb2

vulnerability	VCID-mevw-g6yq-eqa8

vulnerability	VCID-qjzc-2hvn-2qg3

vulnerability	VCID-rv81-jwkz-w7b5

vulnerability	VCID-sy5b-nfqk-6ucm

vulnerability	VCID-wka6-6yn3-ubb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.2.6-1

url pkg:deb/debian/libssh2@1.2.6-1%2Bdeb6u2

purl pkg:deb/debian/libssh2@1.2.6-1%2Bdeb6u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-97nz-s1q6-x3fc

vulnerability	VCID-bcba-qntz-gkez

vulnerability	VCID-chdt-29cx-dyas

vulnerability	VCID-cmy6-8sjv-n3h1

vulnerability	VCID-f1me-9vqd-j7f6

vulnerability	VCID-grd5-zwxv-cqfw

vulnerability	VCID-gv2u-298u-jkcv

vulnerability	VCID-jp7j-dwbq-zkgk

vulnerability	VCID-k1js-k8q3-ekb2

vulnerability	VCID-mevw-g6yq-eqa8

vulnerability	VCID-qjzc-2hvn-2qg3

vulnerability	VCID-rv81-jwkz-w7b5

vulnerability	VCID-sy5b-nfqk-6ucm

vulnerability	VCID-wka6-6yn3-ubb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.2.6-1%252Bdeb6u2

url pkg:deb/debian/libssh2@1.4.2-1.1%2Bdeb7u2

purl pkg:deb/debian/libssh2@1.4.2-1.1%2Bdeb7u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-97nz-s1q6-x3fc

vulnerability	VCID-bcba-qntz-gkez

vulnerability	VCID-chdt-29cx-dyas

vulnerability	VCID-cmy6-8sjv-n3h1

vulnerability	VCID-f1me-9vqd-j7f6

vulnerability	VCID-grd5-zwxv-cqfw

vulnerability	VCID-gv2u-298u-jkcv

vulnerability	VCID-jp7j-dwbq-zkgk

vulnerability	VCID-k1js-k8q3-ekb2

vulnerability	VCID-mevw-g6yq-eqa8

vulnerability	VCID-qjzc-2hvn-2qg3

vulnerability	VCID-rv81-jwkz-w7b5

vulnerability	VCID-sy5b-nfqk-6ucm

vulnerability	VCID-wka6-6yn3-ubb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.4.2-1.1%252Bdeb7u2

url pkg:deb/debian/libssh2@1.4.3-4.1

purl pkg:deb/debian/libssh2@1.4.3-4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-97nz-s1q6-x3fc

vulnerability	VCID-bcba-qntz-gkez

vulnerability	VCID-cmy6-8sjv-n3h1

vulnerability	VCID-f1me-9vqd-j7f6

vulnerability	VCID-grd5-zwxv-cqfw

vulnerability	VCID-gv2u-298u-jkcv

vulnerability	VCID-jp7j-dwbq-zkgk

vulnerability	VCID-k1js-k8q3-ekb2

vulnerability	VCID-mevw-g6yq-eqa8

vulnerability	VCID-qjzc-2hvn-2qg3

vulnerability	VCID-rv81-jwkz-w7b5

vulnerability	VCID-sy5b-nfqk-6ucm

vulnerability	VCID-wka6-6yn3-ubb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.4.3-4.1

url pkg:deb/debian/libssh2@1.4.3-4.1%2Bdeb8u1

purl pkg:deb/debian/libssh2@1.4.3-4.1%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-97nz-s1q6-x3fc

vulnerability	VCID-bcba-qntz-gkez

vulnerability	VCID-cmy6-8sjv-n3h1

vulnerability	VCID-f1me-9vqd-j7f6

vulnerability	VCID-grd5-zwxv-cqfw

vulnerability	VCID-gv2u-298u-jkcv

vulnerability	VCID-jp7j-dwbq-zkgk

vulnerability	VCID-k1js-k8q3-ekb2

vulnerability	VCID-mevw-g6yq-eqa8

vulnerability	VCID-qjzc-2hvn-2qg3

vulnerability	VCID-rv81-jwkz-w7b5

vulnerability	VCID-sy5b-nfqk-6ucm

vulnerability	VCID-wka6-6yn3-ubb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh2@1.4.3-4.1%252Bdeb8u1

url pkg:nuget/libssh2-vc141_xp@1.6.0

purl pkg:nuget/libssh2-vc141_xp@1.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cmy6-8sjv-n3h1

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/libssh2-vc141_xp@1.6.0

url pkg:rpm/redhat/libssh2@1.4.2-2.el6_7?arch=1

purl pkg:rpm/redhat/libssh2@1.4.2-2.el6_7?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cmy6-8sjv-n3h1

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libssh2@1.4.2-2.el6_7%3Farch=1

url pkg:rpm/redhat/libssh2@1.4.3-10.el7_2?arch=1

purl pkg:rpm/redhat/libssh2@1.4.3-10.el7_2?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cmy6-8sjv-n3h1

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libssh2@1.4.3-10.el7_2%3Farch=1

References

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0787.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0787.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-0787

reference_id

reference_type

scores

value	0.03147
scoring_system	epss
scoring_elements	0.86912
published_at	2026-04-21T12:55:00Z

value	0.03147
scoring_system	epss
scoring_elements	0.86907
published_at	2026-04-16T12:55:00Z

value	0.03147
scoring_system	epss
scoring_elements	0.86836
published_at	2026-04-01T12:55:00Z

value	0.03147
scoring_system	epss
scoring_elements	0.86846
published_at	2026-04-02T12:55:00Z

value	0.03147
scoring_system	epss
scoring_elements	0.86865
published_at	2026-04-04T12:55:00Z

value	0.03147
scoring_system	epss
scoring_elements	0.86859
published_at	2026-04-07T12:55:00Z

value	0.03147
scoring_system	epss
scoring_elements	0.86879
published_at	2026-04-08T12:55:00Z

value	0.03147
scoring_system	epss
scoring_elements	0.86887
published_at	2026-04-09T12:55:00Z

value	0.03147
scoring_system	epss
scoring_elements	0.869
published_at	2026-04-11T12:55:00Z

value	0.03147
scoring_system	epss
scoring_elements	0.86895
published_at	2026-04-12T12:55:00Z

value	0.03147
scoring_system	epss
scoring_elements	0.8689
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0787

reference_url	https://bto.bluecoat.com/security-advisory/sa120
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa120

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787

reference_url	https://kc.mcafee.com/corporate/index?page=content&id=SB10156
reference_id
reference_type
scores
url	https://kc.mcafee.com/corporate/index?page=content&id=SB10156

reference_url	https://puppet.com/security/cve/CVE-2016-0787
reference_id
reference_type
scores
url	https://puppet.com/security/cve/CVE-2016-0787

reference_url	https://www.libssh2.org/adv_20160223.html
reference_id
reference_type
scores
url	https://www.libssh2.org/adv_20160223.html

reference_url	https://www.libssh2.org/CVE-2016-0787.patch
reference_id
reference_type
scores
url	https://www.libssh2.org/CVE-2016-0787.patch

reference_url	http://www.debian.org/security/2016/dsa-3487
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3487

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/82514
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/82514

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1306021
reference_id	1306021
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1306021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815662
reference_id	815662
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815662

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libssh2:libssh2::::::::
reference_id	cpe:2.3:a:libssh2:libssh2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libssh2:libssh2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-0787

reference_id

CVE-2016-0787

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-0787

reference_url	https://security.gentoo.org/glsa/201606-12
reference_id	GLSA-201606-12
reference_type
scores
url	https://security.gentoo.org/glsa/201606-12

reference_url	https://access.redhat.com/errata/RHSA-2016:0428
reference_id	RHSA-2016:0428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0428

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	704
name	Incorrect Type Conversion or Cast
description	The product does not correctly convert an object, resource, or structure from one type to a different type.

Exploits

Severity_range_score 4.3 - 5.9

Exploitability 0.5

Weighted_severity 5.3

Risk_score 2.6

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cmy6-8sjv-n3h1

Vulnerability Instance