Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/binary-parser@1.9.1
Typenpm
Namespace
Namebinary-parser
Version1.9.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.3.0
Latest_non_vulnerable_version2.3.0
Affected_by_vulnerabilities
0
url VCID-gd56-zxmy-9kax
vulnerability_id VCID-gd56-zxmy-9kax
summary 
binary-parser library has a code injection vulnerability
A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without sanitization, enabling attackers to execute arbitrary code in the context of the Node.js process.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1245
reference_id
reference_type
scores
0
value 0.00087
scoring_system epss
scoring_elements 0.25126
published_at 2026-06-05T12:55:00Z
1
value 0.00087
scoring_system epss
scoring_elements 0.25013
published_at 2026-06-09T12:55:00Z
2
value 0.00087
scoring_system epss
scoring_elements 0.25004
published_at 2026-06-08T12:55:00Z
3
value 0.00087
scoring_system epss
scoring_elements 0.25061
published_at 2026-06-07T12:55:00Z
4
value 0.00087
scoring_system epss
scoring_elements 0.25114
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1245
1
reference_url https://github.com/keichi/binary-parser
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T16:44:44Z/
url https://github.com/keichi/binary-parser
2
reference_url https://github.com/keichi/binary-parser/pull/283
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T16:44:44Z/
url https://github.com/keichi/binary-parser/pull/283
3
reference_url https://kb.cert.org/vuls/id/102648
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T16:44:44Z/
url https://kb.cert.org/vuls/id/102648
4
reference_url https://www.cve.org/CVERecord?id=CVE-2026-1245
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cve.org/CVERecord?id=CVE-2026-1245
5
reference_url https://www.kb.cert.org/vuls/id/102648
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.kb.cert.org/vuls/id/102648
6
reference_url https://www.npmjs.com/package/binary-parser
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T16:44:44Z/
url https://www.npmjs.com/package/binary-parser
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-1245
reference_id CVE-2026-1245
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-1245
8
reference_url https://github.com/advisories/GHSA-m39p-34qh-rh3w
reference_id GHSA-m39p-34qh-rh3w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m39p-34qh-rh3w
fixed_packages
0
url pkg:npm/binary-parser@2.3.0
purl pkg:npm/binary-parser@2.3.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/binary-parser@2.3.0
aliases CVE-2026-1245, GHSA-m39p-34qh-rh3w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gd56-zxmy-9kax
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/binary-parser@1.9.1