Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.springframework/spring-webflux@5.0.0.RELEASE
Typemaven
Namespaceorg.springframework
Namespring-webflux
Version5.0.0.RELEASE
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.0.5.RELEASE
Latest_non_vulnerable_version5.3.18
Affected_by_vulnerabilities
0
url VCID-dakn-kfyh-syab
vulnerability_id VCID-dakn-kfyh-syab
summary 
Uncontrolled Resource Consumption
Spring Framework provides support for range requests when serving static resources through the `ResourceHttpRequestHandler`. A malicious user (or attacker) can add a range header with a high number of ranges, or with wide ranges that overlap, or both, for a denial of service attack.
references
0
reference_url http://www.securityfocus.com/bid/105703
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105703
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-15756
reference_id CVE-2018-15756
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-15756
2
reference_url https://pivotal.io/security/cve-2018-15756
reference_id CVE-2018-15756
reference_type
scores
url https://pivotal.io/security/cve-2018-15756
fixed_packages
0
url pkg:maven/org.springframework/spring-webflux@5.0.10.RELEASE
purl pkg:maven/org.springframework/spring-webflux@5.0.10.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-webflux@5.0.10.RELEASE
1
url pkg:maven/org.springframework/spring-webflux@5.1.1.RELEASE
purl pkg:maven/org.springframework/spring-webflux@5.1.1.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-webflux@5.1.1.RELEASE
aliases CVE-2018-15756
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dakn-kfyh-syab
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-webflux@5.0.0.RELEASE