Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/34871?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34871?format=api", "vulnerability_id": "VCID-qdzd-s8a4-3fgm", "summary": "Transifex command-line client before 0.10 does not validate X.509 certificates for data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-2073.", "aliases": [ { "alias": "CVE-2013-7110" }, { "alias": "GHSA-jf99-2rj4-jxrm" }, { "alias": "PYSEC-2014-72" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/8097?format=api", "purl": "pkg:pypi/transifex-client@0.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.11.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/8077?format=api", "purl": "pkg:pypi/transifex-client@0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/8078?format=api", "purl": "pkg:pypi/transifex-client@0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/8079?format=api", "purl": "pkg:pypi/transifex-client@0.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/8080?format=api", "purl": "pkg:pypi/transifex-client@0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/8081?format=api", "purl": "pkg:pypi/transifex-client@0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/8082?format=api", "purl": "pkg:pypi/transifex-client@0.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/8083?format=api", "purl": "pkg:pypi/transifex-client@0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/8084?format=api", "purl": "pkg:pypi/transifex-client@0.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/8085?format=api", "purl": "pkg:pypi/transifex-client@0.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/8086?format=api", "purl": "pkg:pypi/transifex-client@0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/8087?format=api", "purl": "pkg:pypi/transifex-client@0.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/8088?format=api", "purl": "pkg:pypi/transifex-client@0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/8089?format=api", "purl": "pkg:pypi/transifex-client@0.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.7.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/8090?format=api", "purl": "pkg:pypi/transifex-client@0.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.7.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/8091?format=api", "purl": "pkg:pypi/transifex-client@0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/8092?format=api", "purl": "pkg:pypi/transifex-client@0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/8093?format=api", "purl": "pkg:pypi/transifex-client@0.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/8094?format=api", "purl": "pkg:pypi/transifex-client@0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/8095?format=api", "purl": "pkg:pypi/transifex-client@0.11b0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.11b0" }, { "url": "http://public2.vulnerablecode.io/api/packages/8096?format=api", "purl": "pkg:pypi/transifex-client@0.11b3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qdzd-s8a4-3fgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/transifex-client@0.11b3" } ], "references": [ { "reference_url": "https://github.com/transifex/transifex-client/issues/42", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/transifex/transifex-client/issues/42" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/12/13/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/12/13/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/12/15/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/12/15/3" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdzd-s8a4-3fgm" }