Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/geonode@2.0b4
Typepypi
Namespace
Namegeonode
Version2.0b4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.4.5
Latest_non_vulnerable_version5.0.2
Affected_by_vulnerabilities
0
url VCID-kvfp-4b99-7ufe
vulnerability_id VCID-kvfp-4b99-7ufe
summary GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read. This issue has been patched in version 4.0.3.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-26043
reference_id
reference_type
scores
0
value 0.00234
scoring_system epss
scoring_elements 0.46411
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-26043
1
reference_url https://github.com/GeoNode/geonode
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/GeoNode/geonode
2
reference_url https://github.com/GeoNode/geonode/commit/2fdfe919f299b21f1609bf898f9dcfde58770ac0
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/GeoNode/geonode/commit/2fdfe919f299b21f1609bf898f9dcfde58770ac0
3
reference_url https://github.com/GeoNode/geonode/security/advisories/GHSA-mcmc-c59m-pqq8
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/GeoNode/geonode/security/advisories/GHSA-mcmc-c59m-pqq8
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/geonode/PYSEC-2023-15.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/geonode/PYSEC-2023-15.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-26043
reference_id CVE-2023-26043
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-26043
6
reference_url https://github.com/advisories/GHSA-mcmc-c59m-pqq8
reference_id GHSA-mcmc-c59m-pqq8
reference_type
scores
url https://github.com/advisories/GHSA-mcmc-c59m-pqq8
fixed_packages
0
url pkg:pypi/geonode@4.0.3
purl pkg:pypi/geonode@4.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3112-xnvn-gyen
1
vulnerability VCID-y7sz-snam-5ycz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/geonode@4.0.3
aliases CVE-2023-26043, GHSA-mcmc-c59m-pqq8, PYSEC-2023-15
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kvfp-4b99-7ufe
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/geonode@2.0b4