Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/consoleme@1.1.3.dev8

Type pypi

Namespace

Name consoleme

Version 1.1.3.dev8

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.2.2

Latest_non_vulnerable_version 1.2.2

Affected_by_vulnerabilities

url VCID-fz1e-bxja-6ben

vulnerability_id VCID-fz1e-bxja-6ben

summary A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2

references

reference_url	https://github.com/advisories/GHSA-74w3-2r77-fw5h
reference_id
reference_type
scores
url	https://github.com/advisories/GHSA-74w3-2r77-fw5h

reference_url	https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2022-001.md
reference_id
reference_type
scores
url	https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2022-001.md

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-27177
reference_id	CVE-2022-27177
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-27177

fixed_packages

url	pkg:pypi/consoleme@1.2.2
purl	pkg:pypi/consoleme@1.2.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/consoleme@1.2.2

aliases CVE-2022-27177, GHSA-74w3-2r77-fw5h, PYSEC-2022-189

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fz1e-bxja-6ben

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/consoleme@1.1.3.dev8

Package Instance