Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.inlong/manager-test@1.4.0
Typemaven
Namespaceorg.apache.inlong
Namemanager-test
Version1.4.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.7.0
Latest_non_vulnerable_version1.7.0
Affected_by_vulnerabilities
0
url VCID-phe3-ctkw-jfaw
vulnerability_id VCID-phe3-ctkw-jfaw
summary 
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. 
Attackers can change the immutable name and type of cluster of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 to solve it.
references
0
reference_url https://github.com/apache/inlong/pull/7891
reference_id
reference_type
scores
url https://github.com/apache/inlong/pull/7891
1
reference_url https://lists.apache.org/thread/bv51zhjookcnfbz8b0xsl9wv78sn0j1p
reference_id
reference_type
scores
url https://lists.apache.org/thread/bv51zhjookcnfbz8b0xsl9wv78sn0j1p
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31103
reference_id CVE-2023-31103
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31103
3
reference_url https://github.com/advisories/GHSA-7mhc-76hf-3jp9
reference_id GHSA-7mhc-76hf-3jp9
reference_type
scores
url https://github.com/advisories/GHSA-7mhc-76hf-3jp9
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-test@1.7.0
purl pkg:maven/org.apache.inlong/manager-test@1.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-test@1.7.0
aliases CVE-2023-31103, GHSA-7mhc-76hf-3jp9
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-phe3-ctkw-jfaw
1
url VCID-qfyn-8g2m-ryct
vulnerability_id VCID-qfyn-8g2m-ryct
summary 
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.

 [1] https://cveprocess.apache.org/cve5/[1]%C2%A0https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891
references
0
reference_url https://github.com/apache/inlong/pull/7891
reference_id
reference_type
scores
url https://github.com/apache/inlong/pull/7891
1
reference_url https://lists.apache.org/thread/qb7zffo785wzpmsobjqcypodngw6kg6x
reference_id
reference_type
scores
url https://lists.apache.org/thread/qb7zffo785wzpmsobjqcypodngw6kg6x
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31206
reference_id CVE-2023-31206
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31206
3
reference_url https://github.com/advisories/GHSA-f475-jgg3-3jwc
reference_id GHSA-f475-jgg3-3jwc
reference_type
scores
url https://github.com/advisories/GHSA-f475-jgg3-3jwc
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-test@1.7.0
purl pkg:maven/org.apache.inlong/manager-test@1.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-test@1.7.0
aliases CVE-2023-31206, GHSA-f475-jgg3-3jwc
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qfyn-8g2m-ryct
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-test@1.4.0