{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35039?format=json","vulnerability_id":"VCID-txht-21mm-c3dt","summary":"The password reset form in Weblate before 2.10.1 provides different error messages depending on whether the email address is associated with an account, which allows remote attackers to enumerate user accounts via a series of requests.","aliases":[{"alias":"CVE-2017-5537"},{"alias":"PYSEC-2017-42"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9766?format=json","purl":"pkg:pypi/weblate@2.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.10.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9754?format=json","purl":"pkg:pypi/weblate@1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/9755?format=json","purl":"pkg:pypi/weblate@2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/9756?format=json","purl":"pkg:pypi/weblate@2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/9757?format=json","purl":"pkg:pypi/weblate@2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/9758?format=json","purl":"pkg:pypi/weblate@2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/9759?format=json","purl":"pkg:pypi/weblate@2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/9760?format=json","purl":"pkg:pypi/weblate@2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/9761?format=json","purl":"pkg:pypi/weblate@2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/9762?format=json","purl":"pkg:pypi/weblate@2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/9763?format=json","purl":"pkg:pypi/weblate@2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/9764?format=json","purl":"pkg:pypi/weblate@2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.9"},{"url":"http://public2.vulnerablecode.io/api/packages/9765?format=json","purl":"pkg:pypi/weblate@2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qdu-uag1-2yag"},{"vulnerability":"VCID-557t-6mjj-7kcr"},{"vulnerability":"VCID-5kzu-ehv1-t3au"},{"vulnerability":"VCID-9gh7-ge52-pkdt"},{"vulnerability":"VCID-a8w8-ykyv-kfbu"},{"vulnerability":"VCID-egrq-f6sp-3ke5"},{"vulnerability":"VCID-fesz-pv5h-c3e2"},{"vulnerability":"VCID-hdsr-3vyy-5bgh"},{"vulnerability":"VCID-hvg1-yhgu-m7ca"},{"vulnerability":"VCID-p2hq-a8xy-p3b9"},{"vulnerability":"VCID-t6ye-yfrj-mkbt"},{"vulnerability":"VCID-txht-21mm-c3dt"},{"vulnerability":"VCID-unw7-2g9j-x7b5"},{"vulnerability":"VCID-xsga-gghy-e7f3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/weblate@2.10"}],"references":[{"reference_url":"https://github.com/WeblateOrg/weblate/blob/weblate-2.10.1/docs/changes.rst","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/WeblateOrg/weblate/blob/weblate-2.10.1/docs/changes.rst"},{"reference_url":"https://github.com/WeblateOrg/weblate/commit/abe0d2a29a1d8e896bfe829c8461bf8b391f1079","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/WeblateOrg/weblate/commit/abe0d2a29a1d8e896bfe829c8461bf8b391f1079"},{"reference_url":"https://github.com/WeblateOrg/weblate/issues/1317","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/WeblateOrg/weblate/issues/1317"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/01/18/11","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/01/18/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/01/20/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/01/20/1"},{"reference_url":"http://www.securityfocus.com/bid/95676","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95676"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txht-21mm-c3dt"}