Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-6ue4-nzqy-yfbj

Summary Fugue is a unified interface for distributed computing that lets users execute Python, Pandas, and SQL code on Spark, Dask, and Ray with minimal rewrites. In version 0.9.2 and prior, there is a remote code execution vulnerability by pickle deserialization via FlaskRPCServer. The Fugue framework implements an RPC server system for distributed computing operations. In the core functionality of the RPC server implementation, I found that the _decode() function in fugue/rpc/flask.py directly uses cloudpickle.loads() to deserialize data without any sanitization. This creates a remote code execution vulnerability when malicious pickle data is processed by the RPC server. The vulnerability exists in the RPC communication mechanism where the client can send arbitrary serialized Python objects that will be deserialized on the server side, allowing attackers to execute arbitrary code on the victim's machine. This issue has been patched via commit 6f25326.

Aliases

alias	CVE-2025-62703

alias	GHSA-xv5p-fjw5-vrj6

Fixed_packages

Affected_packages

url pkg:pypi/fugue@0.0.2

purl pkg:pypi/fugue@0.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.0.2

url pkg:pypi/fugue@0.4.0

purl pkg:pypi/fugue@0.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.4.0

url pkg:pypi/fugue@0.4.1

purl pkg:pypi/fugue@0.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.4.1

url pkg:pypi/fugue@0.4.2

purl pkg:pypi/fugue@0.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.4.2

url pkg:pypi/fugue@0.4.3

purl pkg:pypi/fugue@0.4.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.4.3

url pkg:pypi/fugue@0.4.5

purl pkg:pypi/fugue@0.4.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.4.5

url pkg:pypi/fugue@0.4.6

purl pkg:pypi/fugue@0.4.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.4.6

url pkg:pypi/fugue@0.4.7

purl pkg:pypi/fugue@0.4.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.4.7

url pkg:pypi/fugue@0.4.8

purl pkg:pypi/fugue@0.4.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.4.8

url pkg:pypi/fugue@0.4.9

purl pkg:pypi/fugue@0.4.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.4.9

url pkg:pypi/fugue@0.5.0.dev0

purl pkg:pypi/fugue@0.5.0.dev0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.0.dev0

url pkg:pypi/fugue@0.5.0.dev1

purl pkg:pypi/fugue@0.5.0.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.0.dev1

url pkg:pypi/fugue@0.5.0.dev2

purl pkg:pypi/fugue@0.5.0.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.0.dev2

url pkg:pypi/fugue@0.5.0

purl pkg:pypi/fugue@0.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.0

url pkg:pypi/fugue@0.5.1.dev0

purl pkg:pypi/fugue@0.5.1.dev0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.1.dev0

url pkg:pypi/fugue@0.5.1.dev1

purl pkg:pypi/fugue@0.5.1.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.1.dev1

url pkg:pypi/fugue@0.5.1.dev2

purl pkg:pypi/fugue@0.5.1.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.1.dev2

url pkg:pypi/fugue@0.5.1.dev3

purl pkg:pypi/fugue@0.5.1.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.1.dev3

url pkg:pypi/fugue@0.5.1.dev4

purl pkg:pypi/fugue@0.5.1.dev4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.1.dev4

url pkg:pypi/fugue@0.5.1.dev5

purl pkg:pypi/fugue@0.5.1.dev5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.1.dev5

url pkg:pypi/fugue@0.5.1.dev6

purl pkg:pypi/fugue@0.5.1.dev6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.1.dev6

url pkg:pypi/fugue@0.5.1

purl pkg:pypi/fugue@0.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.1

url pkg:pypi/fugue@0.5.2.dev0

purl pkg:pypi/fugue@0.5.2.dev0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.2.dev0

url pkg:pypi/fugue@0.5.2.dev1

purl pkg:pypi/fugue@0.5.2.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.2.dev1

url pkg:pypi/fugue@0.5.2.dev2

purl pkg:pypi/fugue@0.5.2.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.2.dev2

url pkg:pypi/fugue@0.5.2

purl pkg:pypi/fugue@0.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.2

url pkg:pypi/fugue@0.5.3.dev1

purl pkg:pypi/fugue@0.5.3.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.3.dev1

url pkg:pypi/fugue@0.5.3

purl pkg:pypi/fugue@0.5.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.3

url pkg:pypi/fugue@0.5.4

purl pkg:pypi/fugue@0.5.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.4

url pkg:pypi/fugue@0.5.5.dev1

purl pkg:pypi/fugue@0.5.5.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.5.dev1

url pkg:pypi/fugue@0.5.5

purl pkg:pypi/fugue@0.5.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.5

url pkg:pypi/fugue@0.5.6.dev1

purl pkg:pypi/fugue@0.5.6.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.6.dev1

url pkg:pypi/fugue@0.5.6.dev2

purl pkg:pypi/fugue@0.5.6.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.6.dev2

url pkg:pypi/fugue@0.5.6

purl pkg:pypi/fugue@0.5.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.6

url pkg:pypi/fugue@0.5.7.dev1

purl pkg:pypi/fugue@0.5.7.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.5.7.dev1

url pkg:pypi/fugue@0.6.0.dev1

purl pkg:pypi/fugue@0.6.0.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.0.dev1

url pkg:pypi/fugue@0.6.0.dev2

purl pkg:pypi/fugue@0.6.0.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.0.dev2

url pkg:pypi/fugue@0.6.0.dev3

purl pkg:pypi/fugue@0.6.0.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.0.dev3

url pkg:pypi/fugue@0.6.0

purl pkg:pypi/fugue@0.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.0

url pkg:pypi/fugue@0.6.1.dev1

purl pkg:pypi/fugue@0.6.1.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.1.dev1

url pkg:pypi/fugue@0.6.1.dev2

purl pkg:pypi/fugue@0.6.1.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.1.dev2

url pkg:pypi/fugue@0.6.1.dev3

purl pkg:pypi/fugue@0.6.1.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.1.dev3

url pkg:pypi/fugue@0.6.1

purl pkg:pypi/fugue@0.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.1

url pkg:pypi/fugue@0.6.2

purl pkg:pypi/fugue@0.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.2

url pkg:pypi/fugue@0.6.3

purl pkg:pypi/fugue@0.6.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.3

url pkg:pypi/fugue@0.6.4.dev1

purl pkg:pypi/fugue@0.6.4.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.4.dev1

url pkg:pypi/fugue@0.6.4.dev2

purl pkg:pypi/fugue@0.6.4.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.4.dev2

url pkg:pypi/fugue@0.6.4

purl pkg:pypi/fugue@0.6.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.4

url pkg:pypi/fugue@0.6.5.dev1

purl pkg:pypi/fugue@0.6.5.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.5.dev1

url pkg:pypi/fugue@0.6.5.dev2

purl pkg:pypi/fugue@0.6.5.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.5.dev2

url pkg:pypi/fugue@0.6.5.dev3

purl pkg:pypi/fugue@0.6.5.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.5.dev3

url pkg:pypi/fugue@0.6.5.dev4

purl pkg:pypi/fugue@0.6.5.dev4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.5.dev4

url pkg:pypi/fugue@0.6.5.dev5

purl pkg:pypi/fugue@0.6.5.dev5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.5.dev5

url pkg:pypi/fugue@0.6.5.dev6

purl pkg:pypi/fugue@0.6.5.dev6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.5.dev6

url pkg:pypi/fugue@0.6.5.dev7

purl pkg:pypi/fugue@0.6.5.dev7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.5.dev7

url pkg:pypi/fugue@0.6.5.dev8

purl pkg:pypi/fugue@0.6.5.dev8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.5.dev8

url pkg:pypi/fugue@0.6.5.dev9

purl pkg:pypi/fugue@0.6.5.dev9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.5.dev9

url pkg:pypi/fugue@0.6.5

purl pkg:pypi/fugue@0.6.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.5

url pkg:pypi/fugue@0.6.6.dev1

purl pkg:pypi/fugue@0.6.6.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.6.dev1

url pkg:pypi/fugue@0.6.6.dev2

purl pkg:pypi/fugue@0.6.6.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.6.dev2

url pkg:pypi/fugue@0.6.6.dev3

purl pkg:pypi/fugue@0.6.6.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.6.dev3

url pkg:pypi/fugue@0.6.6

purl pkg:pypi/fugue@0.6.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.6.6

url pkg:pypi/fugue@0.7.0.dev1

purl pkg:pypi/fugue@0.7.0.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.0.dev1

url pkg:pypi/fugue@0.7.0.dev2

purl pkg:pypi/fugue@0.7.0.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.0.dev2

url pkg:pypi/fugue@0.7.0.dev3

purl pkg:pypi/fugue@0.7.0.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.0.dev3

url pkg:pypi/fugue@0.7.0.dev4

purl pkg:pypi/fugue@0.7.0.dev4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.0.dev4

url pkg:pypi/fugue@0.7.0.dev5

purl pkg:pypi/fugue@0.7.0.dev5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.0.dev5

url pkg:pypi/fugue@0.7.0

purl pkg:pypi/fugue@0.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.0

url pkg:pypi/fugue@0.7.1.dev1

purl pkg:pypi/fugue@0.7.1.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.1.dev1

url pkg:pypi/fugue@0.7.1

purl pkg:pypi/fugue@0.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.1

url pkg:pypi/fugue@0.7.2

purl pkg:pypi/fugue@0.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.2

url pkg:pypi/fugue@0.7.3.dev0

purl pkg:pypi/fugue@0.7.3.dev0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.3.dev0

url pkg:pypi/fugue@0.7.3.dev1

purl pkg:pypi/fugue@0.7.3.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.3.dev1

url pkg:pypi/fugue@0.7.3

purl pkg:pypi/fugue@0.7.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.3

url pkg:pypi/fugue@0.7.4.dev0

purl pkg:pypi/fugue@0.7.4.dev0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.4.dev0

url pkg:pypi/fugue@0.7.4.dev1

purl pkg:pypi/fugue@0.7.4.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.7.4.dev1

url pkg:pypi/fugue@0.8.0.dev1

purl pkg:pypi/fugue@0.8.0.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.0.dev1

url pkg:pypi/fugue@0.8.0.dev2

purl pkg:pypi/fugue@0.8.0.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.0.dev2

url pkg:pypi/fugue@0.8.0.dev3

purl pkg:pypi/fugue@0.8.0.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.0.dev3

url pkg:pypi/fugue@0.8.0.dev4

purl pkg:pypi/fugue@0.8.0.dev4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.0.dev4

url pkg:pypi/fugue@0.8.0

purl pkg:pypi/fugue@0.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.0

url pkg:pypi/fugue@0.8.1.dev1

purl pkg:pypi/fugue@0.8.1.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.1.dev1

url pkg:pypi/fugue@0.8.1.dev3

purl pkg:pypi/fugue@0.8.1.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.1.dev3

url pkg:pypi/fugue@0.8.1.dev4

purl pkg:pypi/fugue@0.8.1.dev4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.1.dev4

url pkg:pypi/fugue@0.8.1

purl pkg:pypi/fugue@0.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.1

url pkg:pypi/fugue@0.8.2.dev1

purl pkg:pypi/fugue@0.8.2.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.2.dev1

url pkg:pypi/fugue@0.8.2.dev2

purl pkg:pypi/fugue@0.8.2.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.2.dev2

url pkg:pypi/fugue@0.8.2.dev3

purl pkg:pypi/fugue@0.8.2.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.2.dev3

url pkg:pypi/fugue@0.8.2.dev4

purl pkg:pypi/fugue@0.8.2.dev4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.2.dev4

url pkg:pypi/fugue@0.8.2

purl pkg:pypi/fugue@0.8.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.2

url pkg:pypi/fugue@0.8.3.dev1

purl pkg:pypi/fugue@0.8.3.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.3.dev1

url pkg:pypi/fugue@0.8.3

purl pkg:pypi/fugue@0.8.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.3

url pkg:pypi/fugue@0.8.4.dev1

purl pkg:pypi/fugue@0.8.4.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.4.dev1

url pkg:pypi/fugue@0.8.4.dev2

purl pkg:pypi/fugue@0.8.4.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.4.dev2

url pkg:pypi/fugue@0.8.4

purl pkg:pypi/fugue@0.8.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.4

url pkg:pypi/fugue@0.8.5.dev1

purl pkg:pypi/fugue@0.8.5.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.5.dev1

url pkg:pypi/fugue@0.8.5

purl pkg:pypi/fugue@0.8.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.5

url pkg:pypi/fugue@0.8.6.dev1

purl pkg:pypi/fugue@0.8.6.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.6.dev1

url pkg:pypi/fugue@0.8.6.dev2

purl pkg:pypi/fugue@0.8.6.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.6.dev2

url pkg:pypi/fugue@0.8.6.dev3

purl pkg:pypi/fugue@0.8.6.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.6.dev3

100

url pkg:pypi/fugue@0.8.6

purl pkg:pypi/fugue@0.8.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.6

101

url pkg:pypi/fugue@0.8.7.dev1

purl pkg:pypi/fugue@0.8.7.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.7.dev1

102

url pkg:pypi/fugue@0.8.7.dev2

purl pkg:pypi/fugue@0.8.7.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.7.dev2

103

url pkg:pypi/fugue@0.8.7.dev3

purl pkg:pypi/fugue@0.8.7.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.7.dev3

104

url pkg:pypi/fugue@0.8.7.dev4

purl pkg:pypi/fugue@0.8.7.dev4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.7.dev4

105

url pkg:pypi/fugue@0.8.7.dev5

purl pkg:pypi/fugue@0.8.7.dev5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.7.dev5

106

url pkg:pypi/fugue@0.8.7.dev6

purl pkg:pypi/fugue@0.8.7.dev6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.7.dev6

107

url pkg:pypi/fugue@0.8.7.dev7

purl pkg:pypi/fugue@0.8.7.dev7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.7.dev7

108

url pkg:pypi/fugue@0.8.7.dev8

purl pkg:pypi/fugue@0.8.7.dev8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.7.dev8

109

url pkg:pypi/fugue@0.8.7

purl pkg:pypi/fugue@0.8.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.8.7

110

url pkg:pypi/fugue@0.9.0.dev2

purl pkg:pypi/fugue@0.9.0.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.9.0.dev2

111

url pkg:pypi/fugue@0.9.0.dev3

purl pkg:pypi/fugue@0.9.0.dev3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.9.0.dev3

112

url pkg:pypi/fugue@0.9.0.dev4

purl pkg:pypi/fugue@0.9.0.dev4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.9.0.dev4

113

url pkg:pypi/fugue@0.9.0

purl pkg:pypi/fugue@0.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.9.0

114

url pkg:pypi/fugue@0.9.1

purl pkg:pypi/fugue@0.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.9.1

115

url pkg:pypi/fugue@0.9.2.dev1

purl pkg:pypi/fugue@0.9.2.dev1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.9.2.dev1

116

url pkg:pypi/fugue@0.9.2.dev2

purl pkg:pypi/fugue@0.9.2.dev2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.9.2.dev2

117

url pkg:pypi/fugue@0.9.2

purl pkg:pypi/fugue@0.9.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6ue4-nzqy-yfbj

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/fugue@0.9.2

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-62703

reference_id

reference_type

scores

value	0.00562
scoring_system	epss
scoring_elements	0.68805
published_at	2026-06-11T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68899
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-62703

reference_url

https://drive.google.com/file/d/1y8bBBp7dnWoT_WHBtdB0Fts4NRUIfdWi/view?usp=sharing

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://drive.google.com/file/d/1y8bBBp7dnWoT_WHBtdB0Fts4NRUIfdWi/view?usp=sharing

reference_url

https://github.com/fugue-project/fugue

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/fugue-project/fugue

reference_url

https://github.com/fugue-project/fugue/commit/6f25326779fd1f528198098d6287c5a863176fc0

reference_id

6f25326779fd1f528198098d6287c5a863176fc0

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-11-26T15:59:28Z/

url

https://github.com/fugue-project/fugue/commit/6f25326779fd1f528198098d6287c5a863176fc0

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-62703

reference_id

CVE-2025-62703

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-62703

reference_url

https://github.com/advisories/GHSA-xv5p-fjw5-vrj6

reference_id

GHSA-xv5p-fjw5-vrj6

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xv5p-fjw5-vrj6

reference_url

https://github.com/fugue-project/fugue/security/advisories/GHSA-xv5p-fjw5-vrj6

reference_id

GHSA-xv5p-fjw5-vrj6

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-11-26T15:59:28Z/

url

https://github.com/fugue-project/fugue/security/advisories/GHSA-xv5p-fjw5-vrj6

Weaknesses

cwe_id	502
name	Deserialization of Untrusted Data
description	The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

cwe_id	78
name	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
description	The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ue4-nzqy-yfbj

Vulnerability Instance