Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/blacksheep@0.1.6
Typepypi
Namespace
Nameblacksheep
Version0.1.6
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.4.6
Latest_non_vulnerable_version2.4.6
Affected_by_vulnerabilities
0
url VCID-xnww-n51w-n3dp
vulnerability_id VCID-xnww-n51w-n3dp
summary BlackSheep is an asynchronous web framework to build event based web applications with Python. Prior to 2.4.6, the HTTP Client implementation in BlackSheep is vulnerable to CRLF injection. Missing headers validation makes it possible for an attacker to modify the HTTP requests (e.g. insert a new header) or even create a new HTTP request. Exploitation requires developers to pass unsanitized user input directly into headers.The server part is not affected because BlackSheep delegates to an underlying ASGI server handling of response headers. This vulnerability is fixed in 2.4.6.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22779
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07945
published_at 2026-06-14T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.0795
published_at 2026-06-13T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.08284
published_at 2026-06-12T12:55:00Z
3
value 0.00052
scoring_system epss
scoring_elements 0.16561
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22779
1
reference_url https://github.com/Neoteroi/BlackSheep
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Neoteroi/BlackSheep
2
reference_url https://github.com/Neoteroi/BlackSheep/commit/bd4ecb9542b5d52442276b5a6907931b90f38d12
reference_id bd4ecb9542b5d52442276b5a6907931b90f38d12
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-14T21:01:45Z/
url https://github.com/Neoteroi/BlackSheep/commit/bd4ecb9542b5d52442276b5a6907931b90f38d12
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-22779
reference_id CVE-2026-22779
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-22779
4
reference_url https://github.com/advisories/GHSA-6pw3-h7xf-x4gp
reference_id GHSA-6pw3-h7xf-x4gp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6pw3-h7xf-x4gp
5
reference_url https://github.com/Neoteroi/BlackSheep/security/advisories/GHSA-6pw3-h7xf-x4gp
reference_id GHSA-6pw3-h7xf-x4gp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-14T21:01:45Z/
url https://github.com/Neoteroi/BlackSheep/security/advisories/GHSA-6pw3-h7xf-x4gp
6
reference_url https://github.com/Neoteroi/BlackSheep/releases/tag/v2.4.6
reference_id v2.4.6
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-14T21:01:45Z/
url https://github.com/Neoteroi/BlackSheep/releases/tag/v2.4.6
fixed_packages
0
url pkg:pypi/blacksheep@2.4.6
purl pkg:pypi/blacksheep@2.4.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/blacksheep@2.4.6
aliases CVE-2026-22779, GHSA-6pw3-h7xf-x4gp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xnww-n51w-n3dp
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/blacksheep@0.1.6