VulnerableCode Package Details - pkg:pypi/sickrage@9.2.22

Search for packages

Vulnerability	Summary	Fixed by
VCID-9ecn-dwux-93b8 Aliases: CVE-2021-25925 GHSA-rmp7-f2vp-3rq4 PYSEC-2021-147	in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a user’s sensitive information.	10.0.11.dev2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 10.0.12.dev1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-gfj2-4f46-9qft Aliases: CVE-2018-9160 GHSA-jrcv-3c5h-rh3q PYSEC-2018-101	SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.	9.3.2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2018.3.9.post1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-9ecn-dwux-93b8
Aliases:
CVE-2021-25925
GHSA-rmp7-f2vp-3rq4
PYSEC-2021-147

in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a user’s sensitive information.

10.0.11.dev2
Affected by 3 other vulnerabilities.

10.0.12.dev1
Affected by 1 other vulnerability.

VCID-gfj2-4f46-9qft
Aliases:
CVE-2018-9160
GHSA-jrcv-3c5h-rh3q
PYSEC-2018-101

SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.

9.3.2
Affected by 2 other vulnerabilities.

2018.3.9.post1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-01T06:41:03.179106+00:00	GitLab Importer	Affected by	VCID-gfj2-4f46-9qft	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/sickrage/CVE-2018-9160.yml	38.6.0
2026-06-01T06:06:37.388448+00:00	GitLab Importer	Affected by	VCID-9ecn-dwux-93b8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/sickrage/CVE-2021-25925.yml	38.6.0
2026-05-31T09:39:57.099632+00:00	PyPI Importer	Affected by	VCID-9ecn-dwux-93b8	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-05-31T09:37:11.761801+00:00	PyPI Importer	Affected by	VCID-gfj2-4f46-9qft	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-05-30T20:22:31.547710+00:00	Pypa Importer	Affected by	VCID-9ecn-dwux-93b8	https://github.com/pypa/advisory-database/blob/main/vulns/sickrage/PYSEC-2021-147.yaml	38.6.0
2026-05-30T20:17:42.141315+00:00	Pypa Importer	Affected by	VCID-gfj2-4f46-9qft	https://github.com/pypa/advisory-database/blob/main/vulns/sickrage/PYSEC-2018-101.yaml	38.6.0