Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:npm/selenium-chromedriver@0.0.2

Type npm

Namespace

Name selenium-chromedriver

Version 0.0.2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-43ga-2r8c-nqcv

vulnerability_id VCID-43ga-2r8c-nqcv

summary

Cryptographic Issues
It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server.

references

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2016-10624
reference_id	CVE-2016-10624
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2016-10624

fixed_packages

aliases CVE-2016-10624

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-43ga-2r8c-nqcv

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/selenium-chromedriver@0.0.2

Package Instance