Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/lief@0.11.5
Type pypi
Namespace
Name lief
Version 0.11.5
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 0.12.3
Latest_non_vulnerable_version 0.17.2
Affected_by_vulnerabilities
0
url VCID-7ks5-ajmj-uqaw
vulnerability_id VCID-7ks5-ajmj-uqaw
summary LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp.
references
0
reference_url https://github.com/lief-project/LIEF/issues/765
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://github.com/lief-project/LIEF/issues/765
fixed_packages
0
url pkg:pypi/lief@0.12.2
purl pkg:pypi/lief@0.12.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bgtn-xx89-1fdk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lief@0.12.2
aliases CVE-2022-38496, PYSEC-2022-43137
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ks5-ajmj-uqaw
1
url VCID-b25d-2z1r-53eb
vulnerability_id VCID-b25d-2z1r-53eb
summary LIEF commit 5d1d643 was discovered to contain a segmentation violation via the function LIEF::MachO::SegmentCommand::file_offset() at /MachO/SegmentCommand.cpp.
references
0
reference_url https://github.com/lief-project/LIEF/issues/764
reference_id
reference_type
scores
url https://github.com/lief-project/LIEF/issues/764
fixed_packages
0
url pkg:pypi/lief@0.12.1
purl pkg:pypi/lief@0.12.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ks5-ajmj-uqaw
1
vulnerability VCID-bgtn-xx89-1fdk
2
vulnerability VCID-yyzu-cawb-aqh4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lief@0.12.1
aliases CVE-2022-38307, PYSEC-2022-275
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b25d-2z1r-53eb
2
url VCID-bgtn-xx89-1fdk
vulnerability_id VCID-bgtn-xx89-1fdk
summary A heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind function of LIEF v0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted MachO file.
references
0
reference_url https://github.com/lief-project/LIEF/issues/782
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://github.com/lief-project/LIEF/issues/782
fixed_packages
0
url pkg:pypi/lief@0.12.3
purl pkg:pypi/lief@0.12.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lief@0.12.3
aliases CVE-2022-43171, GHSA-jvp9-phwp-p738, PYSEC-2022-43140
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bgtn-xx89-1fdk
3
url VCID-h9u8-1y87-nqde
vulnerability_id VCID-h9u8-1y87-nqde
summary LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69.
references
0
reference_url https://github.com/lief-project/LIEF/issues/766
reference_id
reference_type
scores
url https://github.com/lief-project/LIEF/issues/766
fixed_packages
0
url pkg:pypi/lief@0.12.1
purl pkg:pypi/lief@0.12.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ks5-ajmj-uqaw
1
vulnerability VCID-bgtn-xx89-1fdk
2
vulnerability VCID-yyzu-cawb-aqh4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lief@0.12.1
aliases CVE-2022-38497, PYSEC-2022-277
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h9u8-1y87-nqde
4
url VCID-sx9k-k6gj-xycu
vulnerability_id VCID-sx9k-k6gj-xycu
summary LIEF commit 5d1d643 was discovered to contain a heap-buffer overflow in the component /core/CorePrPsInfo.tcc.
references
0
reference_url https://github.com/lief-project/LIEF/issues/763
reference_id
reference_type
scores
url https://github.com/lief-project/LIEF/issues/763
fixed_packages
0
url pkg:pypi/lief@0.12.1
purl pkg:pypi/lief@0.12.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ks5-ajmj-uqaw
1
vulnerability VCID-bgtn-xx89-1fdk
2
vulnerability VCID-yyzu-cawb-aqh4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lief@0.12.1
aliases CVE-2022-38306, PYSEC-2022-274
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sx9k-k6gj-xycu
5
url VCID-yyzu-cawb-aqh4
vulnerability_id VCID-yyzu-cawb-aqh4
summary A vulnerability in the LIEF::MachO::BinaryParser::init_and_parse function of LIEF v0.12.1 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted MachO file.
references
0
reference_url https://github.com/lief-project/LIEF/issues/781
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://github.com/lief-project/LIEF/issues/781
fixed_packages
0
url pkg:pypi/lief@0.12.2
purl pkg:pypi/lief@0.12.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bgtn-xx89-1fdk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lief@0.12.2
aliases CVE-2022-40922, GHSA-38hf-c37x-32hv, PYSEC-2022-43138
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yyzu-cawb-aqh4
6
url VCID-z6tk-ymuh-8be3
vulnerability_id VCID-z6tk-ymuh-8be3
summary LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c.
references
0
reference_url https://github.com/lief-project/LIEF/issues/767
reference_id
reference_type
scores
url https://github.com/lief-project/LIEF/issues/767
fixed_packages
0
url pkg:pypi/lief@0.12.1
purl pkg:pypi/lief@0.12.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ks5-ajmj-uqaw
1
vulnerability VCID-bgtn-xx89-1fdk
2
vulnerability VCID-yyzu-cawb-aqh4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lief@0.12.1
aliases CVE-2022-38495, PYSEC-2022-276
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6tk-ymuh-8be3
Fixing_vulnerabilities
0
url VCID-n137-244u-suab
vulnerability_id VCID-n137-244u-suab
summary An issue was discovered in LIEF through 0.11.4. A heap-buffer-overflow exists in the function main located in pe_reader.c. It allows an attacker to cause code execution.
references
0
reference_url https://github.com/lief-project/LIEF/issues/449
reference_id
reference_type
scores
url https://github.com/lief-project/LIEF/issues/449
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32297
reference_id CVE-2021-32297
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-32297
fixed_packages
0
url pkg:pypi/lief@0.11.5
purl pkg:pypi/lief@0.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ks5-ajmj-uqaw
1
vulnerability VCID-b25d-2z1r-53eb
2
vulnerability VCID-bgtn-xx89-1fdk
3
vulnerability VCID-h9u8-1y87-nqde
4
vulnerability VCID-sx9k-k6gj-xycu
5
vulnerability VCID-yyzu-cawb-aqh4
6
vulnerability VCID-z6tk-ymuh-8be3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lief@0.11.5
aliases CVE-2021-32297, PYSEC-2021-324
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n137-244u-suab
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lief@0.11.5