Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/34982?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34982?format=api", "vulnerability_id": "VCID-2yaw-hhv6-fygg", "summary": "Django 1.9.x before 1.9.2, when ModelAdmin.save_as is set to True, allows remote authenticated users to bypass intended access restrictions and create ModelAdmin objects via the \"Save as New\" option when editing objects and leveraging the \"change\" permission.", "aliases": [ { "alias": "CVE-2016-2048" }, { "alias": "PYSEC-2016-14" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/9136?format=api", "purl": "pkg:pypi/django@1.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3kza-a88p-kfg7" }, { "vulnerability": "VCID-6wah-r8vr-5qc4" }, { "vulnerability": "VCID-8gus-er59-1qak" }, { "vulnerability": "VCID-9mpt-zxaw-kkeg" }, { "vulnerability": "VCID-ksh8-pazn-dbca" }, { "vulnerability": "VCID-qy2a-mvpz-q7eh" }, { "vulnerability": "VCID-rruq-9scz-vbg8" }, { "vulnerability": "VCID-upbz-vg19-rugv" }, { "vulnerability": "VCID-vdpf-jddk-syda" }, { "vulnerability": "VCID-weqb-fxu4-17e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/9134?format=api", "purl": "pkg:pypi/django@1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2yaw-hhv6-fygg" }, { "vulnerability": "VCID-3kza-a88p-kfg7" }, { "vulnerability": "VCID-6wah-r8vr-5qc4" }, { "vulnerability": "VCID-8gus-er59-1qak" }, { "vulnerability": "VCID-9mpt-zxaw-kkeg" }, { "vulnerability": "VCID-ksh8-pazn-dbca" }, { "vulnerability": "VCID-qy2a-mvpz-q7eh" }, { "vulnerability": "VCID-rruq-9scz-vbg8" }, { "vulnerability": "VCID-upbz-vg19-rugv" }, { "vulnerability": "VCID-vdpf-jddk-syda" }, { "vulnerability": "VCID-weqb-fxu4-17e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/9135?format=api", "purl": "pkg:pypi/django@1.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2yaw-hhv6-fygg" }, { "vulnerability": "VCID-3kza-a88p-kfg7" }, { "vulnerability": "VCID-6wah-r8vr-5qc4" }, { "vulnerability": "VCID-8gus-er59-1qak" }, { "vulnerability": "VCID-9mpt-zxaw-kkeg" }, { "vulnerability": "VCID-ksh8-pazn-dbca" }, { "vulnerability": "VCID-qy2a-mvpz-q7eh" }, { "vulnerability": "VCID-rruq-9scz-vbg8" }, { "vulnerability": "VCID-upbz-vg19-rugv" }, { "vulnerability": "VCID-vdpf-jddk-syda" }, { "vulnerability": "VCID-weqb-fxu4-17e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.1" } ], "references": [ { "reference_url": "https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/" }, { "reference_url": "http://www.securityfocus.com/bid/82329", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82329" }, { "reference_url": "http://www.securitytracker.com/id/1034894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034894" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2yaw-hhv6-fygg" }