Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/c2cciutils@1.1.66

Type pypi

Namespace

Name c2cciutils

Version 1.1.66

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.1.67

Latest_non_vulnerable_version 1.1.67

Affected_by_vulnerabilities

url VCID-5etx-bxwu-1qc9

vulnerability_id VCID-5etx-bxwu-1qc9

summary

c2cciutils affected by CVE-2022-40896
Pinned vulnerable version of Pygment [CVE-2022-40896](https://nvd.nist.gov/vuln/detail/CVE-2022-40896)

references

reference_url

https://github.com/camptocamp/c2cciutils

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/camptocamp/c2cciutils

reference_url

https://github.com/camptocamp/c2cciutils/commit/9d54eab73fcf24d492b339137040400da7ef4076

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/camptocamp/c2cciutils/commit/9d54eab73fcf24d492b339137040400da7ef4076

reference_url

https://github.com/camptocamp/c2cciutils/security/advisories/GHSA-qc22-xmq4-qg46

reference_id

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/camptocamp/c2cciutils/security/advisories/GHSA-qc22-xmq4-qg46

reference_url

https://github.com/advisories/GHSA-mrwq-x4v8-fh7p

reference_id

GHSA-mrwq-x4v8-fh7p

reference_type

scores

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-mrwq-x4v8-fh7p

reference_url

https://github.com/advisories/GHSA-qc22-xmq4-qg46

reference_id

GHSA-qc22-xmq4-qg46

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qc22-xmq4-qg46

fixed_packages

url	pkg:pypi/c2cciutils@1.1.67
purl	pkg:pypi/c2cciutils@1.1.67
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/c2cciutils@1.1.67

aliases GHSA-qc22-xmq4-qg46

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5etx-bxwu-1qc9

Fixing_vulnerabilities

url VCID-sgms-jqun-rkcr

vulnerability_id VCID-sgms-jqun-rkcr

summary

C2C CI utils is vulnerable to DoS via pyasn dependency (CVE-2026-30922)
Pin vulnerable version of pyasn, see: See: https://github.com/advisories/GHSA-jr27-m4p2-rc6r

references

reference_url

https://github.com/camptocamp/c2cciutils

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/camptocamp/c2cciutils

reference_url

https://github.com/camptocamp/c2cciutils/commit/1ab415014817d7d1cf09ad56cc8a7dec2a1108d8

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/camptocamp/c2cciutils/commit/1ab415014817d7d1cf09ad56cc8a7dec2a1108d8

reference_url

https://github.com/camptocamp/c2cciutils/security/advisories/GHSA-wcjx-v2wj-xg87

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/camptocamp/c2cciutils/security/advisories/GHSA-wcjx-v2wj-xg87

reference_url

https://github.com/advisories/GHSA-wcjx-v2wj-xg87

reference_id

GHSA-wcjx-v2wj-xg87

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wcjx-v2wj-xg87

fixed_packages

url pkg:pypi/c2cciutils@1.1.66

purl pkg:pypi/c2cciutils@1.1.66

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5etx-bxwu-1qc9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/c2cciutils@1.1.66

aliases GHSA-wcjx-v2wj-xg87

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sgms-jqun-rkcr

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/c2cciutils@1.1.66

Package Instance