Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/buildbot@0.9.9
Typepypi
Namespace
Namebuildbot
Version0.9.9
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.8.2
Latest_non_vulnerable_version2.3.1
Affected_by_vulnerabilities
0
url VCID-4exh-n9pd-f7dp
vulnerability_id VCID-4exh-n9pd-f7dp
summary Improper Authentication in Buildbot
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12300
reference_id
reference_type
scores
0
value 0.00471
scoring_system epss
scoring_elements 0.65049
published_at 2026-06-11T12:55:00Z
1
value 0.00471
scoring_system epss
scoring_elements 0.65149
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12300
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12300
2
reference_url https://github.com/buildbot/buildbot
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/buildbot/buildbot
3
reference_url https://github.com/buildbot/buildbot/wiki/OAuth-vulnerability-in-using-submitted-authorization-token-for-authentication
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/buildbot/buildbot/wiki/OAuth-vulnerability-in-using-submitted-authorization-token-for-authentication
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/buildbot/PYSEC-2019-6.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/buildbot/PYSEC-2019-6.yaml
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XLOM2K4M4723BCLHZJEX52KJXZSEVRL
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XLOM2K4M4723BCLHZJEX52KJXZSEVRL
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XLOM2K4M4723BCLHZJEX52KJXZSEVRL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XLOM2K4M4723BCLHZJEX52KJXZSEVRL/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GXKO7OYLKBTXXXKF4VPHWT7GVYWFVYA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GXKO7OYLKBTXXXKF4VPHWT7GVYWFVYA
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GXKO7OYLKBTXXXKF4VPHWT7GVYWFVYA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GXKO7OYLKBTXXXKF4VPHWT7GVYWFVYA/
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929849
reference_id 929849
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929849
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12300
reference_id CVE-2019-12300
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12300
11
reference_url https://github.com/advisories/GHSA-g86p-hgx5-2pfh
reference_id GHSA-g86p-hgx5-2pfh
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-g86p-hgx5-2pfh
fixed_packages
0
url pkg:pypi/buildbot@1.8.2
purl pkg:pypi/buildbot@1.8.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/buildbot@1.8.2
1
url pkg:pypi/buildbot@2.3.1
purl pkg:pypi/buildbot@2.3.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/buildbot@2.3.1
aliases CVE-2019-12300, GHSA-g86p-hgx5-2pfh, PYSEC-2019-6
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4exh-n9pd-f7dp
1
url VCID-h8z9-z3pm-cff4
vulnerability_id VCID-h8z9-z3pm-cff4
summary www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain.
references
0
reference_url https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code
reference_id
reference_type
scores
url https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code
fixed_packages
0
url pkg:pypi/buildbot@1.8.1
purl pkg:pypi/buildbot@1.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4exh-n9pd-f7dp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/buildbot@1.8.1
aliases PYSEC-2019-77
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h8z9-z3pm-cff4
2
url VCID-qt6j-ya86-wbc2
vulnerability_id VCID-qt6j-ya86-wbc2
summary www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-7313
reference_id
reference_type
scores
0
value 0.00224
scoring_system epss
scoring_elements 0.45268
published_at 2026-06-11T12:55:00Z
1
value 0.00224
scoring_system epss
scoring_elements 0.45417
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-7313
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7313
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7313
2
reference_url https://github.com/advisories/GHSA-66x7-2r56-fj77
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-66x7-2r56-fj77
3
reference_url https://github.com/buildbot/buildbot
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/buildbot/buildbot
4
reference_url https://github.com/buildbot/buildbot/commit/e781f110933e05ecdb30abc64327a2c7c9ff9c5a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/buildbot/buildbot/commit/e781f110933e05ecdb30abc64327a2c7c9ff9c5a
5
reference_url https://github.com/buildbot/buildbot/pull/4584
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/buildbot/buildbot/pull/4584
6
reference_url https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/buildbot/PYSEC-2019-7.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/buildbot/PYSEC-2019-7.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-7313
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-7313
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921271
reference_id 921271
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921271
fixed_packages
0
url pkg:pypi/buildbot@1.8.1
purl pkg:pypi/buildbot@1.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4exh-n9pd-f7dp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/buildbot@1.8.1
aliases CVE-2019-7313, GHSA-66x7-2r56-fj77, PYSEC-2019-7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qt6j-ya86-wbc2
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/buildbot@0.9.9