Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/pymongo@0.9.2
Typepypi
Namespace
Namepymongo
Version0.9.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.5.2
Latest_non_vulnerable_version2.5.2
Affected_by_vulnerabilities
0
url VCID-bstf-w638-8uex
vulnerability_id VCID-bstf-w638-8uex
summary bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef."
references
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710597
reference_id
reference_type
scores
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710597
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-06/msg00180.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-06/msg00180.html
2
reference_url http://seclists.org/oss-sec/2013/q2/447
reference_id
reference_type
scores
url http://seclists.org/oss-sec/2013/q2/447
3
reference_url https://github.com/advisories/GHSA-x33v-f3gp-gw2c
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-x33v-f3gp-gw2c
4
reference_url https://github.com/mongodb/mongo-python-driver/commit/a060c15ef87e0f0e72974c7c0e57fe811bbd06a2
reference_id
reference_type
scores
url https://github.com/mongodb/mongo-python-driver/commit/a060c15ef87e0f0e72974c7c0e57fe811bbd06a2
5
reference_url https://jira.mongodb.org/browse/PYTHON-532
reference_id
reference_type
scores
url https://jira.mongodb.org/browse/PYTHON-532
6
reference_url http://ubuntu.com/usn/usn-1897-1
reference_id
reference_type
scores
url http://ubuntu.com/usn/usn-1897-1
7
reference_url http://www.debian.org/security/2013/dsa-2705
reference_id
reference_type
scores
url http://www.debian.org/security/2013/dsa-2705
8
reference_url http://www.osvdb.org/93804
reference_id
reference_type
scores
url http://www.osvdb.org/93804
9
reference_url http://www.securityfocus.com/bid/60252
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/60252
fixed_packages
0
url pkg:pypi/pymongo@2.5.2
purl pkg:pypi/pymongo@2.5.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pymongo@2.5.2
aliases CVE-2013-2132, GHSA-x33v-f3gp-gw2c, PYSEC-2013-30
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bstf-w638-8uex
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/pymongo@0.9.2