Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/chatterbot@0.7.3
Typepypi
Namespace
Namechatterbot
Version0.7.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.2.11
Latest_non_vulnerable_version1.2.11
Affected_by_vulnerabilities
0
url VCID-n5hn-4z73-43hk
vulnerability_id VCID-n5hn-4z73-43hk
summary 
ChatterBot Vulnerable to Denial of Service via Database Connection Pool Exhaustion
ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the get_response() method can exhaust the underlying SQLAlchemy connection pool, resulting in persistent service unavailability and requiring a manual restart to recover.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23842
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.12227
published_at 2026-06-06T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.12129
published_at 2026-06-09T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.12116
published_at 2026-06-08T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.12193
published_at 2026-06-07T12:55:00Z
4
value 0.00039
scoring_system epss
scoring_elements 0.12229
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23842
1
reference_url https://github.com/gunthercox/ChatterBot
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/gunthercox/ChatterBot
2
reference_url https://github.com/gunthercox/ChatterBot/commit/de89fe648139f8eeacc998ad4524fab291a378cf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-20T20:04:06Z/
url https://github.com/gunthercox/ChatterBot/commit/de89fe648139f8eeacc998ad4524fab291a378cf
3
reference_url https://github.com/gunthercox/ChatterBot/pull/2432
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-20T20:04:06Z/
url https://github.com/gunthercox/ChatterBot/pull/2432
4
reference_url https://github.com/gunthercox/ChatterBot/releases/tag/1.2.11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-20T20:04:06Z/
url https://github.com/gunthercox/ChatterBot/releases/tag/1.2.11
5
reference_url https://github.com/user-attachments/assets/4ee845c4-b847-4854-84ec-4b2fb2f7090f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-20T20:04:06Z/
url https://github.com/user-attachments/assets/4ee845c4-b847-4854-84ec-4b2fb2f7090f
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-23842
reference_id CVE-2026-23842
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-23842
7
reference_url https://github.com/advisories/GHSA-v4w8-49pv-mf72
reference_id GHSA-v4w8-49pv-mf72
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v4w8-49pv-mf72
8
reference_url https://github.com/gunthercox/ChatterBot/security/advisories/GHSA-v4w8-49pv-mf72
reference_id GHSA-v4w8-49pv-mf72
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-20T20:04:06Z/
url https://github.com/gunthercox/ChatterBot/security/advisories/GHSA-v4w8-49pv-mf72
fixed_packages
0
url pkg:pypi/chatterbot@1.2.11
purl pkg:pypi/chatterbot@1.2.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/chatterbot@1.2.11
aliases CVE-2026-23842, GHSA-v4w8-49pv-mf72
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n5hn-4z73-43hk
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/chatterbot@0.7.3