Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/paste@1.4.1
Typepypi
Namespace
Namepaste
Version1.4.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.7.5.1
Latest_non_vulnerable_version1.7.5.1
Affected_by_vulnerabilities
0
url VCID-f12u-sb2b-zfbd
vulnerability_id VCID-f12u-sb2b-zfbd
summary Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to (1) paste.urlparser.StaticURLParser, (2) paste.urlparser.PkgResourcesParser, (3) paste.urlmap.URLMap, and (4) HTTPNotFound.
references
0
reference_url http://bitbucket.org/ianb/paste/changeset/fcae59df8b56
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://bitbucket.org/ianb/paste/changeset/fcae59df8b56
1
reference_url http://groups.google.com/group/paste-users/browse_thread/thread/3b3fff3dadd0b1e5?pli=1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/paste-users/browse_thread/thread/3b3fff3dadd0b1e5?pli=1
2
reference_url http://groups.google.com/group/pylons-discuss/msg/8c256dc076a408d8?dmode=source&output=gplain
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/pylons-discuss/msg/8c256dc076a408d8?dmode=source&output=gplain
3
reference_url http://marc.info/?l=oss-security&m=127785414818815&w=2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=oss-security&m=127785414818815&w=2
4
reference_url http://marc.info/?l=oss-security&m=127792576822169&w=2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=oss-security&m=127792576822169&w=2
5
reference_url http://pylonshq.com/articles/archives/2010/6/paste_174_released_addresses_xss_security_hole
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://pylonshq.com/articles/archives/2010/6/paste_174_released_addresses_xss_security_hole
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2477.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2477.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-2477
reference_id
reference_type
scores
0
value 0.0052
scoring_system epss
scoring_elements 0.67275
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-2477
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2477
9
reference_url http://secunia.com/advisories/42500
reference_id
reference_type
scores
url http://secunia.com/advisories/42500
10
reference_url https://github.com/advisories/GHSA-7gfc-2v6g-6w9f
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-7gfc-2v6g-6w9f
11
reference_url https://github.com/cdent/paste
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cdent/paste
12
reference_url https://github.com/cdent/paste/commit/4910493c62f369a3222357af09450930e4c93f5e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cdent/paste/commit/4910493c62f369a3222357af09450930e4c93f5e
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/paste/PYSEC-2010-29.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/paste/PYSEC-2010-29.yaml
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-2477
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-2477
15
reference_url https://web.archive.org/web/20111227133546/http://secunia.com/advisories/42500
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111227133546/http://secunia.com/advisories/42500
16
reference_url https://web.archive.org/web/20120527154041/http://www.securityfocus.com/bid/41160
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120527154041/http://www.securityfocus.com/bid/41160
17
reference_url http://www.securityfocus.com/bid/41160
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/41160
18
reference_url http://www.ubuntu.com/usn/USN-1026-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1026-1
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=651633
reference_id 651633
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=651633
20
reference_url https://usn.ubuntu.com/1026-1/
reference_id USN-1026-1
reference_type
scores
url https://usn.ubuntu.com/1026-1/
fixed_packages
0
url pkg:pypi/paste@1.7.4
purl pkg:pypi/paste@1.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-sdxu-uyxy-fyhj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/paste@1.7.4
aliases CVE-2010-2477, GHSA-7gfc-2v6g-6w9f, PYSEC-2010-29
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f12u-sb2b-zfbd
1
url VCID-sdxu-uyxy-fyhj
vulnerability_id VCID-sdxu-uyxy-fyhj
summary Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.
references
0
reference_url http://groups.google.com/group/paste-users/browse_thread/thread/2aa651ba331c2471
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/paste-users/browse_thread/thread/2aa651ba331c2471
1
reference_url http://rhn.redhat.com/errata/RHSA-2012-1206.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2012-1206.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0878.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0878.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0878
reference_id
reference_type
scores
0
value 0.01239
scoring_system epss
scoring_elements 0.79652
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0878
4
reference_url https://bitbucket.org/ianb/pastescript/changeset/a19e462769b4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/ianb/pastescript/changeset/a19e462769b4
5
reference_url https://bitbucket.org/ianb/pastescript/pull-request/3/fix-group-permissions-for-pastescriptserve
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/ianb/pastescript/pull-request/3/fix-group-permissions-for-pastescriptserve
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=796790
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=796790
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0878
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0878
8
reference_url http://secunia.com/advisories/48812
reference_id
reference_type
scores
url http://secunia.com/advisories/48812
9
reference_url http://secunia.com/advisories/50410
reference_id
reference_type
scores
url http://secunia.com/advisories/50410
10
reference_url https://github.com/advisories/GHSA-27px-qpmj-qg38
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-27px-qpmj-qg38
11
reference_url https://github.com/cdent/pastescript/commit/b5f36f2995e1ae117cc53d2bd458d7fb33e4cabe
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cdent/pastescript/commit/b5f36f2995e1ae117cc53d2bd458d7fb33e4cabe
12
reference_url https://github.com/pasteorg/pastescript
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pasteorg/pastescript
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/paste/PYSEC-2012-15.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/paste/PYSEC-2012-15.yaml
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-0878
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-0878
15
reference_url https://web.archive.org/web/20140723093519/http://secunia.com/advisories/50410
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140723093519/http://secunia.com/advisories/50410
16
reference_url https://web.archive.org/web/20140803132259/http://secunia.com/advisories/48812
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140803132259/http://secunia.com/advisories/48812
17
reference_url http://www.openwall.com/lists/oss-security/2012/02/23/1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/02/23/1
18
reference_url http://www.openwall.com/lists/oss-security/2012/02/23/4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/02/23/4
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661061
reference_id 661061
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661061
20
reference_url https://access.redhat.com/errata/RHSA-2012:1206
reference_id RHSA-2012:1206
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1206
fixed_packages
0
url pkg:pypi/paste@1.7.5.1
purl pkg:pypi/paste@1.7.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/paste@1.7.5.1
aliases CVE-2012-0878, GHSA-27px-qpmj-qg38, PYSEC-2012-15
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sdxu-uyxy-fyhj
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/paste@1.4.1