Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-amgw-7mt1-43dn

Summary python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass

Aliases

alias	CVE-2013-2167

alias	GHSA-9vg3-cf92-h2h7

alias	PYSEC-2019-161

Fixed_packages

url pkg:pypi/python-keystoneclient@0.3.0

purl pkg:pypi/python-keystoneclient@0.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7n2d-dh67-z7bv

vulnerability	VCID-e4fe-13v1-97e4

vulnerability	VCID-nkpc-cb73-47ez

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.3.0

Affected_packages

url pkg:pypi/python-keystoneclient@0.2.3

purl pkg:pypi/python-keystoneclient@0.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7n2d-dh67-z7bv

vulnerability	VCID-93qq-6jdh-h3fg

vulnerability	VCID-amgw-7mt1-43dn

vulnerability	VCID-e4fe-13v1-97e4

vulnerability	VCID-nkpc-cb73-47ez

vulnerability	VCID-tp6c-xf5e-xkah

vulnerability	VCID-wudn-x7h6-7ffs

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.2.3

url pkg:pypi/python-keystoneclient@0.2.4

purl pkg:pypi/python-keystoneclient@0.2.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7n2d-dh67-z7bv

vulnerability	VCID-93qq-6jdh-h3fg

vulnerability	VCID-amgw-7mt1-43dn

vulnerability	VCID-e4fe-13v1-97e4

vulnerability	VCID-nkpc-cb73-47ez

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.2.4

url pkg:pypi/python-keystoneclient@0.2.5

purl pkg:pypi/python-keystoneclient@0.2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7n2d-dh67-z7bv

vulnerability	VCID-93qq-6jdh-h3fg

vulnerability	VCID-amgw-7mt1-43dn

vulnerability	VCID-e4fe-13v1-97e4

vulnerability	VCID-nkpc-cb73-47ez

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.2.5

References

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113944.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113944.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0992.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0992.html

reference_url	https://access.redhat.com/security/cve/cve-2013-2167
reference_id
reference_type
scores
url	https://access.redhat.com/security/cve/cve-2013-2167

reference_url	https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-2167
reference_id
reference_type
scores
url	https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-2167

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2167
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2167

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/85492
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/85492

reference_url	https://github.com/advisories/GHSA-9vg3-cf92-h2h7
reference_id
reference_type
scores
url	https://github.com/advisories/GHSA-9vg3-cf92-h2h7

reference_url	https://security-tracker.debian.org/tracker/CVE-2013-2167
reference_id
reference_type
scores
url	https://security-tracker.debian.org/tracker/CVE-2013-2167

reference_url	http://www.openwall.com/lists/oss-security/2013/06/19/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2013/06/19/5

reference_url	http://www.securityfocus.com/bid/60680
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/60680

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-amgw-7mt1-43dn

Vulnerability Instance