Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-hvuh-numa-73am
Summary
Authentication Bypass by Spoofing
Github Electron is vulnerable to a URL Spoofing problem when opening PDFs in PDFium resulting loading arbitrary PDFs that a hacker can control.
Aliases
0
alias CVE-2017-1000424
1
alias GHSA-6h98-cf9g-vmg2
Fixed_packages
0
url pkg:npm/electron@1.6.12
purl pkg:npm/electron@1.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-7eu1-94qk-nuar
2
vulnerability VCID-a795-r67e-p3ck
3
vulnerability VCID-a84t-cjcb-tqcw
4
vulnerability VCID-f81v-9fv8-93cd
5
vulnerability VCID-fahk-eg3e-x7cu
6
vulnerability VCID-j7d6-zp3s-67fq
7
vulnerability VCID-mhk8-b26h-wqhy
8
vulnerability VCID-nx5d-r4jc-77df
9
vulnerability VCID-p167-yf3n-6qd5
10
vulnerability VCID-q288-pvgc-vkaa
11
vulnerability VCID-qd52-rbd7-qkbn
12
vulnerability VCID-uzwh-4kbj-9kc8
13
vulnerability VCID-w7f7-5frp-n3br
14
vulnerability VCID-xys1-xe1s-jqha
15
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.6.12
1
url pkg:npm/electron@1.7.6
purl pkg:npm/electron@1.7.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-4s78-xt9y-1kew
2
vulnerability VCID-7eu1-94qk-nuar
3
vulnerability VCID-a795-r67e-p3ck
4
vulnerability VCID-a84t-cjcb-tqcw
5
vulnerability VCID-f81v-9fv8-93cd
6
vulnerability VCID-fahk-eg3e-x7cu
7
vulnerability VCID-j7d6-zp3s-67fq
8
vulnerability VCID-mhk8-b26h-wqhy
9
vulnerability VCID-nx5d-r4jc-77df
10
vulnerability VCID-p167-yf3n-6qd5
11
vulnerability VCID-q288-pvgc-vkaa
12
vulnerability VCID-qd52-rbd7-qkbn
13
vulnerability VCID-uzwh-4kbj-9kc8
14
vulnerability VCID-w7f7-5frp-n3br
15
vulnerability VCID-xys1-xe1s-jqha
16
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.7.6
Affected_packages
0
url pkg:npm/electron@1.6.4
purl pkg:npm/electron@1.6.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-7eu1-94qk-nuar
2
vulnerability VCID-a795-r67e-p3ck
3
vulnerability VCID-a84t-cjcb-tqcw
4
vulnerability VCID-dwqm-hym4-xqa9
5
vulnerability VCID-f81v-9fv8-93cd
6
vulnerability VCID-fahk-eg3e-x7cu
7
vulnerability VCID-hvuh-numa-73am
8
vulnerability VCID-j7d6-zp3s-67fq
9
vulnerability VCID-mhk8-b26h-wqhy
10
vulnerability VCID-nx5d-r4jc-77df
11
vulnerability VCID-p167-yf3n-6qd5
12
vulnerability VCID-q288-pvgc-vkaa
13
vulnerability VCID-qd52-rbd7-qkbn
14
vulnerability VCID-uzwh-4kbj-9kc8
15
vulnerability VCID-w7f7-5frp-n3br
16
vulnerability VCID-xys1-xe1s-jqha
17
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.6.4
1
url pkg:npm/electron@1.6.5
purl pkg:npm/electron@1.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-7eu1-94qk-nuar
2
vulnerability VCID-a795-r67e-p3ck
3
vulnerability VCID-a84t-cjcb-tqcw
4
vulnerability VCID-dwqm-hym4-xqa9
5
vulnerability VCID-f81v-9fv8-93cd
6
vulnerability VCID-fahk-eg3e-x7cu
7
vulnerability VCID-hvuh-numa-73am
8
vulnerability VCID-j7d6-zp3s-67fq
9
vulnerability VCID-mhk8-b26h-wqhy
10
vulnerability VCID-nx5d-r4jc-77df
11
vulnerability VCID-p167-yf3n-6qd5
12
vulnerability VCID-q288-pvgc-vkaa
13
vulnerability VCID-qd52-rbd7-qkbn
14
vulnerability VCID-uzwh-4kbj-9kc8
15
vulnerability VCID-w7f7-5frp-n3br
16
vulnerability VCID-xys1-xe1s-jqha
17
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.6.5
2
url pkg:npm/electron@1.6.6
purl pkg:npm/electron@1.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-7eu1-94qk-nuar
2
vulnerability VCID-a795-r67e-p3ck
3
vulnerability VCID-a84t-cjcb-tqcw
4
vulnerability VCID-dwqm-hym4-xqa9
5
vulnerability VCID-f81v-9fv8-93cd
6
vulnerability VCID-fahk-eg3e-x7cu
7
vulnerability VCID-hvuh-numa-73am
8
vulnerability VCID-j7d6-zp3s-67fq
9
vulnerability VCID-mhk8-b26h-wqhy
10
vulnerability VCID-nx5d-r4jc-77df
11
vulnerability VCID-p167-yf3n-6qd5
12
vulnerability VCID-q288-pvgc-vkaa
13
vulnerability VCID-qd52-rbd7-qkbn
14
vulnerability VCID-uzwh-4kbj-9kc8
15
vulnerability VCID-w7f7-5frp-n3br
16
vulnerability VCID-xys1-xe1s-jqha
17
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.6.6
3
url pkg:npm/electron@1.6.7
purl pkg:npm/electron@1.6.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-7eu1-94qk-nuar
2
vulnerability VCID-a795-r67e-p3ck
3
vulnerability VCID-a84t-cjcb-tqcw
4
vulnerability VCID-dwqm-hym4-xqa9
5
vulnerability VCID-f81v-9fv8-93cd
6
vulnerability VCID-fahk-eg3e-x7cu
7
vulnerability VCID-hvuh-numa-73am
8
vulnerability VCID-j7d6-zp3s-67fq
9
vulnerability VCID-mhk8-b26h-wqhy
10
vulnerability VCID-nx5d-r4jc-77df
11
vulnerability VCID-p167-yf3n-6qd5
12
vulnerability VCID-q288-pvgc-vkaa
13
vulnerability VCID-qd52-rbd7-qkbn
14
vulnerability VCID-uzwh-4kbj-9kc8
15
vulnerability VCID-w7f7-5frp-n3br
16
vulnerability VCID-xys1-xe1s-jqha
17
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.6.7
4
url pkg:npm/electron@1.6.8
purl pkg:npm/electron@1.6.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-7eu1-94qk-nuar
2
vulnerability VCID-a795-r67e-p3ck
3
vulnerability VCID-a84t-cjcb-tqcw
4
vulnerability VCID-f81v-9fv8-93cd
5
vulnerability VCID-fahk-eg3e-x7cu
6
vulnerability VCID-hvuh-numa-73am
7
vulnerability VCID-j7d6-zp3s-67fq
8
vulnerability VCID-mhk8-b26h-wqhy
9
vulnerability VCID-nx5d-r4jc-77df
10
vulnerability VCID-p167-yf3n-6qd5
11
vulnerability VCID-q288-pvgc-vkaa
12
vulnerability VCID-qd52-rbd7-qkbn
13
vulnerability VCID-uzwh-4kbj-9kc8
14
vulnerability VCID-w7f7-5frp-n3br
15
vulnerability VCID-xys1-xe1s-jqha
16
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.6.8
5
url pkg:npm/electron@1.6.9
purl pkg:npm/electron@1.6.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-7eu1-94qk-nuar
2
vulnerability VCID-a795-r67e-p3ck
3
vulnerability VCID-a84t-cjcb-tqcw
4
vulnerability VCID-f81v-9fv8-93cd
5
vulnerability VCID-fahk-eg3e-x7cu
6
vulnerability VCID-hvuh-numa-73am
7
vulnerability VCID-j7d6-zp3s-67fq
8
vulnerability VCID-mhk8-b26h-wqhy
9
vulnerability VCID-nx5d-r4jc-77df
10
vulnerability VCID-p167-yf3n-6qd5
11
vulnerability VCID-q288-pvgc-vkaa
12
vulnerability VCID-qd52-rbd7-qkbn
13
vulnerability VCID-uzwh-4kbj-9kc8
14
vulnerability VCID-w7f7-5frp-n3br
15
vulnerability VCID-xys1-xe1s-jqha
16
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.6.9
6
url pkg:npm/electron@1.6.10
purl pkg:npm/electron@1.6.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-7eu1-94qk-nuar
2
vulnerability VCID-a795-r67e-p3ck
3
vulnerability VCID-a84t-cjcb-tqcw
4
vulnerability VCID-f81v-9fv8-93cd
5
vulnerability VCID-fahk-eg3e-x7cu
6
vulnerability VCID-hvuh-numa-73am
7
vulnerability VCID-j7d6-zp3s-67fq
8
vulnerability VCID-mhk8-b26h-wqhy
9
vulnerability VCID-nx5d-r4jc-77df
10
vulnerability VCID-p167-yf3n-6qd5
11
vulnerability VCID-q288-pvgc-vkaa
12
vulnerability VCID-qd52-rbd7-qkbn
13
vulnerability VCID-uzwh-4kbj-9kc8
14
vulnerability VCID-w7f7-5frp-n3br
15
vulnerability VCID-xys1-xe1s-jqha
16
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.6.10
7
url pkg:npm/electron@1.6.11
purl pkg:npm/electron@1.6.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-7eu1-94qk-nuar
2
vulnerability VCID-a795-r67e-p3ck
3
vulnerability VCID-a84t-cjcb-tqcw
4
vulnerability VCID-f81v-9fv8-93cd
5
vulnerability VCID-fahk-eg3e-x7cu
6
vulnerability VCID-hvuh-numa-73am
7
vulnerability VCID-j7d6-zp3s-67fq
8
vulnerability VCID-mhk8-b26h-wqhy
9
vulnerability VCID-nx5d-r4jc-77df
10
vulnerability VCID-p167-yf3n-6qd5
11
vulnerability VCID-q288-pvgc-vkaa
12
vulnerability VCID-qd52-rbd7-qkbn
13
vulnerability VCID-uzwh-4kbj-9kc8
14
vulnerability VCID-w7f7-5frp-n3br
15
vulnerability VCID-xys1-xe1s-jqha
16
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.6.11
8
url pkg:npm/electron@1.7.0
purl pkg:npm/electron@1.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-4s78-xt9y-1kew
2
vulnerability VCID-7eu1-94qk-nuar
3
vulnerability VCID-a795-r67e-p3ck
4
vulnerability VCID-a84t-cjcb-tqcw
5
vulnerability VCID-bxwq-t8nc-m7gu
6
vulnerability VCID-f81v-9fv8-93cd
7
vulnerability VCID-fahk-eg3e-x7cu
8
vulnerability VCID-hvuh-numa-73am
9
vulnerability VCID-j7d6-zp3s-67fq
10
vulnerability VCID-mhk8-b26h-wqhy
11
vulnerability VCID-nx5d-r4jc-77df
12
vulnerability VCID-p167-yf3n-6qd5
13
vulnerability VCID-q288-pvgc-vkaa
14
vulnerability VCID-qd52-rbd7-qkbn
15
vulnerability VCID-uzwh-4kbj-9kc8
16
vulnerability VCID-w7f7-5frp-n3br
17
vulnerability VCID-xys1-xe1s-jqha
18
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.7.0
9
url pkg:npm/electron@1.7.1
purl pkg:npm/electron@1.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-4s78-xt9y-1kew
2
vulnerability VCID-7eu1-94qk-nuar
3
vulnerability VCID-a795-r67e-p3ck
4
vulnerability VCID-a84t-cjcb-tqcw
5
vulnerability VCID-f81v-9fv8-93cd
6
vulnerability VCID-fahk-eg3e-x7cu
7
vulnerability VCID-hvuh-numa-73am
8
vulnerability VCID-j7d6-zp3s-67fq
9
vulnerability VCID-mhk8-b26h-wqhy
10
vulnerability VCID-nx5d-r4jc-77df
11
vulnerability VCID-p167-yf3n-6qd5
12
vulnerability VCID-q288-pvgc-vkaa
13
vulnerability VCID-qd52-rbd7-qkbn
14
vulnerability VCID-uzwh-4kbj-9kc8
15
vulnerability VCID-w7f7-5frp-n3br
16
vulnerability VCID-xys1-xe1s-jqha
17
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.7.1
10
url pkg:npm/electron@1.7.2
purl pkg:npm/electron@1.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-4s78-xt9y-1kew
2
vulnerability VCID-7eu1-94qk-nuar
3
vulnerability VCID-a795-r67e-p3ck
4
vulnerability VCID-a84t-cjcb-tqcw
5
vulnerability VCID-f81v-9fv8-93cd
6
vulnerability VCID-fahk-eg3e-x7cu
7
vulnerability VCID-hvuh-numa-73am
8
vulnerability VCID-j7d6-zp3s-67fq
9
vulnerability VCID-mhk8-b26h-wqhy
10
vulnerability VCID-nx5d-r4jc-77df
11
vulnerability VCID-p167-yf3n-6qd5
12
vulnerability VCID-q288-pvgc-vkaa
13
vulnerability VCID-qd52-rbd7-qkbn
14
vulnerability VCID-uzwh-4kbj-9kc8
15
vulnerability VCID-w7f7-5frp-n3br
16
vulnerability VCID-xys1-xe1s-jqha
17
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.7.2
11
url pkg:npm/electron@1.7.3
purl pkg:npm/electron@1.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-4s78-xt9y-1kew
2
vulnerability VCID-7eu1-94qk-nuar
3
vulnerability VCID-a795-r67e-p3ck
4
vulnerability VCID-a84t-cjcb-tqcw
5
vulnerability VCID-f81v-9fv8-93cd
6
vulnerability VCID-fahk-eg3e-x7cu
7
vulnerability VCID-hvuh-numa-73am
8
vulnerability VCID-j7d6-zp3s-67fq
9
vulnerability VCID-mhk8-b26h-wqhy
10
vulnerability VCID-nx5d-r4jc-77df
11
vulnerability VCID-p167-yf3n-6qd5
12
vulnerability VCID-q288-pvgc-vkaa
13
vulnerability VCID-qd52-rbd7-qkbn
14
vulnerability VCID-uzwh-4kbj-9kc8
15
vulnerability VCID-w7f7-5frp-n3br
16
vulnerability VCID-xys1-xe1s-jqha
17
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.7.3
12
url pkg:npm/electron@1.7.4
purl pkg:npm/electron@1.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-4s78-xt9y-1kew
2
vulnerability VCID-7eu1-94qk-nuar
3
vulnerability VCID-a795-r67e-p3ck
4
vulnerability VCID-a84t-cjcb-tqcw
5
vulnerability VCID-f81v-9fv8-93cd
6
vulnerability VCID-fahk-eg3e-x7cu
7
vulnerability VCID-hvuh-numa-73am
8
vulnerability VCID-j7d6-zp3s-67fq
9
vulnerability VCID-mhk8-b26h-wqhy
10
vulnerability VCID-nx5d-r4jc-77df
11
vulnerability VCID-p167-yf3n-6qd5
12
vulnerability VCID-q288-pvgc-vkaa
13
vulnerability VCID-qd52-rbd7-qkbn
14
vulnerability VCID-uzwh-4kbj-9kc8
15
vulnerability VCID-w7f7-5frp-n3br
16
vulnerability VCID-xys1-xe1s-jqha
17
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.7.4
13
url pkg:npm/electron@1.7.5
purl pkg:npm/electron@1.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1x44-uf31-1ydv
1
vulnerability VCID-4s78-xt9y-1kew
2
vulnerability VCID-7eu1-94qk-nuar
3
vulnerability VCID-a795-r67e-p3ck
4
vulnerability VCID-a84t-cjcb-tqcw
5
vulnerability VCID-f81v-9fv8-93cd
6
vulnerability VCID-fahk-eg3e-x7cu
7
vulnerability VCID-hvuh-numa-73am
8
vulnerability VCID-j7d6-zp3s-67fq
9
vulnerability VCID-mhk8-b26h-wqhy
10
vulnerability VCID-nx5d-r4jc-77df
11
vulnerability VCID-p167-yf3n-6qd5
12
vulnerability VCID-q288-pvgc-vkaa
13
vulnerability VCID-qd52-rbd7-qkbn
14
vulnerability VCID-uzwh-4kbj-9kc8
15
vulnerability VCID-w7f7-5frp-n3br
16
vulnerability VCID-xys1-xe1s-jqha
17
vulnerability VCID-ycrz-abm9-hbat
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@1.7.5
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000424
reference_id
reference_type
scores
0
value 0.00273
scoring_system epss
scoring_elements 0.5073
published_at 2026-04-04T12:55:00Z
1
value 0.00273
scoring_system epss
scoring_elements 0.50766
published_at 2026-04-21T12:55:00Z
2
value 0.00273
scoring_system epss
scoring_elements 0.50786
published_at 2026-04-18T12:55:00Z
3
value 0.00273
scoring_system epss
scoring_elements 0.50781
published_at 2026-04-16T12:55:00Z
4
value 0.00273
scoring_system epss
scoring_elements 0.50756
published_at 2026-04-12T12:55:00Z
5
value 0.00273
scoring_system epss
scoring_elements 0.5078
published_at 2026-04-11T12:55:00Z
6
value 0.00273
scoring_system epss
scoring_elements 0.50738
published_at 2026-04-09T12:55:00Z
7
value 0.00273
scoring_system epss
scoring_elements 0.5065
published_at 2026-04-01T12:55:00Z
8
value 0.00273
scoring_system epss
scoring_elements 0.50704
published_at 2026-04-02T12:55:00Z
9
value 0.00273
scoring_system epss
scoring_elements 0.50741
published_at 2026-04-13T12:55:00Z
10
value 0.00273
scoring_system epss
scoring_elements 0.50686
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000424
1
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
2
reference_url https://github.com/electron/electron/pull/10008
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/10008
3
reference_url https://github.com/electron/electron/pull/10008/files
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/10008/files
4
reference_url https://github.com/electron/electron/releases/tag/v1.7.6
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v1.7.6
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:atom:electron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:atom:electron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:atom:electron:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000424
reference_id CVE-2017-1000424
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000424
7
reference_url https://github.com/advisories/GHSA-6h98-cf9g-vmg2
reference_id GHSA-6h98-cf9g-vmg2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6h98-cf9g-vmg2
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 290
name Authentication Bypass by Spoofing
description This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
3
cwe_id 345
name Insufficient Verification of Data Authenticity
description The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-hvuh-numa-73am