Django REST framework
Api Root
Package List
Package Instance
Format
json
api
admin
Package Instance
Lookup for vulnerable packages by Package URL.
Purl
pkg:pypi/knowledge-repo@0.7.2
Type
pypi
Namespace
Name
knowledge-repo
Version
0.7.2
Qualifiers
Subpath
Is_vulnerable
true
Next_non_vulnerable_version
0.7.5
Latest_non_vulnerable_version
0.9.0
Affected_by_vulnerabilities
0
url
VCID-zu7d-9h7s-c7b6
vulnerability_id
VCID-zu7d-9h7s-c7b6
summary
Cross-site scripting (XSS) vulnerability in Airbnb Knowledge Repo 0.7.4 allows remote attackers to inject arbitrary web scripts or HTML via the post comments functionality, as demonstrated by the post/posts/new_report.kp URI.
references
0
reference_url
https://github.com/airbnb/knowledge-repo
reference_id
reference_type
scores
url
https://github.com/airbnb/knowledge-repo
1
reference_url
https://github.com/airbnb/knowledge-repo/commit/f026ad2afea14e0ffc91f1aa0eaedcdc72c63167
reference_id
reference_type
scores
url
https://github.com/airbnb/knowledge-repo/commit/f026ad2afea14e0ffc91f1aa0eaedcdc72c63167
2
reference_url
https://github.com/airbnb/knowledge-repo/issues/254
reference_id
reference_type
scores
url
https://github.com/airbnb/knowledge-repo/issues/254
3
reference_url
https://github.com/airbnb/knowledge-repo/issues/431
reference_id
reference_type
scores
url
https://github.com/airbnb/knowledge-repo/issues/431
4
reference_url
https://github.com/airbnb/knowledge-repo/pull/558
reference_id
reference_type
scores
url
https://github.com/airbnb/knowledge-repo/pull/558
5
reference_url
https://github.com/pypa/advisory-database/tree/main/vulns/knowledge-repo/PYSEC-2018-116.yaml
reference_id
reference_type
scores
url
https://github.com/pypa/advisory-database/tree/main/vulns/knowledge-repo/PYSEC-2018-116.yaml
6
reference_url
https://nvd.nist.gov/vuln/detail/CVE-2018-12104
reference_id
reference_type
scores
url
https://nvd.nist.gov/vuln/detail/CVE-2018-12104
7
reference_url
https://pypi.org/project/knowledge-repo
reference_id
reference_type
scores
url
https://pypi.org/project/knowledge-repo
8
reference_url
https://web.archive.org/web/20200227121013/http://www.securityfocus.com/bid/104487
reference_id
reference_type
scores
url
https://web.archive.org/web/20200227121013/http://www.securityfocus.com/bid/104487
9
reference_url
http://www.securityfocus.com/bid/104487
reference_id
reference_type
scores
url
http://www.securityfocus.com/bid/104487
10
reference_url
https://github.com/advisories/GHSA-xmw7-848p-p95w
reference_id
GHSA-xmw7-848p-p95w
reference_type
scores
url
https://github.com/advisories/GHSA-xmw7-848p-p95w
fixed_packages
0
url
pkg:pypi/knowledge-repo@0.7.5
purl
pkg:pypi/knowledge-repo@0.7.5
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/knowledge-repo@0.7.5
1
url
pkg:pypi/knowledge-repo@0.9.0
purl
pkg:pypi/knowledge-repo@0.9.0
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/knowledge-repo@0.9.0
aliases
CVE-2018-12104, GHSA-xmw7-848p-p95w, PYSEC-2018-116
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-zu7d-9h7s-c7b6
Fixing_vulnerabilities
Risk_score
null
Resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/knowledge-repo@0.7.2
×
Create
None
×
Edit
None