{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34680?format=json","vulnerability_id":"VCID-1yu8-hwwc-pyc8","summary":"Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.","aliases":[{"alias":"CVE-2009-0668"},{"alias":"GHSA-4x83-5gw5-q346"},{"alias":"PYSEC-2009-8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6941?format=json","purl":"pkg:pypi/zodb3@3.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.2"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6915?format=json","purl":"pkg:pypi/zodb3@3.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/6916?format=json","purl":"pkg:pypi/zodb3@3.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.2.10"},{"url":"http://public2.vulnerablecode.io/api/packages/6917?format=json","purl":"pkg:pypi/zodb3@3.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/6918?format=json","purl":"pkg:pypi/zodb3@3.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/6919?format=json","purl":"pkg:pypi/zodb3@3.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/6920?format=json","purl":"pkg:pypi/zodb3@3.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/6921?format=json","purl":"pkg:pypi/zodb3@3.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/6922?format=json","purl":"pkg:pypi/zodb3@3.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/6923?format=json","purl":"pkg:pypi/zodb3@3.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.7.2"},{"url":"http://public2.vulnerablecode.io/api/packages/6924?format=json","purl":"pkg:pypi/zodb3@3.8.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/6925?format=json","purl":"pkg:pypi/zodb3@3.8.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/6926?format=json","purl":"pkg:pypi/zodb3@3.8.0b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.0b2"},{"url":"http://public2.vulnerablecode.io/api/packages/6927?format=json","purl":"pkg:pypi/zodb3@3.8.0b3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.0b3"},{"url":"http://public2.vulnerablecode.io/api/packages/6928?format=json","purl":"pkg:pypi/zodb3@3.8.0b4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.0b4"},{"url":"http://public2.vulnerablecode.io/api/packages/6929?format=json","purl":"pkg:pypi/zodb3@3.8.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/572835?format=json","purl":"pkg:pypi/zodb3@3.8.0c1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.0c1"},{"url":"http://public2.vulnerablecode.io/api/packages/6930?format=json","purl":"pkg:pypi/zodb3@3.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/6931?format=json","purl":"pkg:pypi/zodb3@3.8.1b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.1b1"},{"url":"http://public2.vulnerablecode.io/api/packages/6932?format=json","purl":"pkg:pypi/zodb3@3.8.1b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.1b2"},{"url":"http://public2.vulnerablecode.io/api/packages/6933?format=json","purl":"pkg:pypi/zodb3@3.8.1b3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.1b3"},{"url":"http://public2.vulnerablecode.io/api/packages/6934?format=json","purl":"pkg:pypi/zodb3@3.8.1b4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.1b4"},{"url":"http://public2.vulnerablecode.io/api/packages/6935?format=json","purl":"pkg:pypi/zodb3@3.8.1b5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.1b5"},{"url":"http://public2.vulnerablecode.io/api/packages/6936?format=json","purl":"pkg:pypi/zodb3@3.8.1b6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.1b6"},{"url":"http://public2.vulnerablecode.io/api/packages/6937?format=json","purl":"pkg:pypi/zodb3@3.8.1b7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.1b7"},{"url":"http://public2.vulnerablecode.io/api/packages/6938?format=json","purl":"pkg:pypi/zodb3@3.8.1b8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.1b8"},{"url":"http://public2.vulnerablecode.io/api/packages/6939?format=json","purl":"pkg:pypi/zodb3@3.8.1b9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.1b9"},{"url":"http://public2.vulnerablecode.io/api/packages/6940?format=json","purl":"pkg:pypi/zodb3@3.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yu8-hwwc-pyc8"},{"vulnerability":"VCID-ebby-3w76-r7be"},{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.1"}],"references":[{"reference_url":"http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html"},{"reference_url":"http://osvdb.org/56827","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/56827"},{"reference_url":"http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0668.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0668.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0668","reference_id":"","reference_type":"","scores":[{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70962","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70979","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70972","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.7093","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70947","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0668"},{"reference_url":"http://secunia.com/advisories/36204","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36204"},{"reference_url":"http://secunia.com/advisories/36205","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36205"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/52377","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/52377"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/zodb3/PYSEC-2009-8.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/zodb3/PYSEC-2009-8.yaml"},{"reference_url":"https://github.com/zopefoundation/ZODB3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/zopefoundation/ZODB3"},{"reference_url":"https://web.archive.org/web/20151023102330/http://secunia.com/advisories/36204","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20151023102330/http://secunia.com/advisories/36204"},{"reference_url":"https://web.archive.org/web/20151023102336/http://secunia.com/advisories/36205","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20151023102336/http://secunia.com/advisories/36205"},{"reference_url":"https://web.archive.org/web/20200229152709/http://www.securityfocus.com/bid/35987","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200229152709/http://www.securityfocus.com/bid/35987"},{"reference_url":"http://www.securityfocus.com/bid/35987","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/35987"},{"reference_url":"http://www.vupen.com/english/advisories/2009/2217","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/2217"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=513422","reference_id":"513422","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=513422"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0668","reference_id":"CVE-2009-0668","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0668"},{"reference_url":"https://github.com/advisories/GHSA-4x83-5gw5-q346","reference_id":"GHSA-4x83-5gw5-q346","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4x83-5gw5-q346"},{"reference_url":"https://usn.ubuntu.com/848-1/","reference_id":"USN-848-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/848-1/"}],"weaknesses":[{"cwe_id":94,"name":"Improper Control of Generation of Code ('Code Injection')","description":"The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":"0.5","weighted_severity":"9.0","risk_score":4.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1yu8-hwwc-pyc8"}