Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-2t7d-kvmj-57c8

Summary The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator (PRNG) before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a child process is created and accesses the PRNG within the same rate-limit period as another process.

Aliases

alias	CVE-2013-1445

alias	PYSEC-2013-29

Fixed_packages

url pkg:pypi/pycrypto@2.6.1

purl pkg:pypi/pycrypto@2.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-af5m-veyp-cugm

vulnerability	VCID-stxq-tcuq-aud6

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.6.1

Affected_packages

url pkg:pypi/pycrypto@1.9a2

purl pkg:pypi/pycrypto@1.9a2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@1.9a2

url pkg:pypi/pycrypto@1.9a5

purl pkg:pypi/pycrypto@1.9a5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@1.9a5

url pkg:pypi/pycrypto@1.9a6

purl pkg:pypi/pycrypto@1.9a6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@1.9a6

url pkg:pypi/pycrypto@2.0

purl pkg:pypi/pycrypto@2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.0

url pkg:pypi/pycrypto@2.0.1

purl pkg:pypi/pycrypto@2.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.0.1

url pkg:pypi/pycrypto@2.1.0

purl pkg:pypi/pycrypto@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.1.0

url pkg:pypi/pycrypto@2.2

purl pkg:pypi/pycrypto@2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.2

url pkg:pypi/pycrypto@2.3

purl pkg:pypi/pycrypto@2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.3

url pkg:pypi/pycrypto@2.4

purl pkg:pypi/pycrypto@2.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.4

url pkg:pypi/pycrypto@2.4.1

purl pkg:pypi/pycrypto@2.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.4.1

url pkg:pypi/pycrypto@2.5

purl pkg:pypi/pycrypto@2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

vulnerability	VCID-m9eb-j1h4-w3g2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.5

url pkg:pypi/pycrypto@2.6

purl pkg:pypi/pycrypto@2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2t7d-kvmj-57c8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.6

References

reference_url	https://github.com/dlitz/pycrypto/commit/19dcf7b15d61b7dc1a125a367151de40df6ef175
reference_id
reference_type
scores
url	https://github.com/dlitz/pycrypto/commit/19dcf7b15d61b7dc1a125a367151de40df6ef175

reference_url	http://www.debian.org/security/2013/dsa-2781
reference_id
reference_type
scores
url	http://www.debian.org/security/2013/dsa-2781

reference_url	http://www.openwall.com/lists/oss-security/2013/10/17/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2013/10/17/3

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2t7d-kvmj-57c8

Vulnerability Instance