{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36404?format=json","vulnerability_id":"VCID-4rp7-t37q-kff1","summary":"CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default.","aliases":[{"alias":"CVE-2023-27586"},{"alias":"GHSA-rwmf-w63j-p7gv"},{"alias":"PYSEC-2023-9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32638?format=json","purl":"pkg:pypi/cairosvg@2.7.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.7.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19533?format=json","purl":"pkg:pypi/cairosvg@0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/19534?format=json","purl":"pkg:pypi/cairosvg@0.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/19535?format=json","purl":"pkg:pypi/cairosvg@0.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19536?format=json","purl":"pkg:pypi/cairosvg@0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19537?format=json","purl":"pkg:pypi/cairosvg@0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/19538?format=json","purl":"pkg:pypi/cairosvg@0.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/19539?format=json","purl":"pkg:pypi/cairosvg@0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/19540?format=json","purl":"pkg:pypi/cairosvg@0.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/19541?format=json","purl":"pkg:pypi/cairosvg@0.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19542?format=json","purl":"pkg:pypi/cairosvg@0.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/19543?format=json","purl":"pkg:pypi/cairosvg@0.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/19544?format=json","purl":"pkg:pypi/cairosvg@0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/19545?format=json","purl":"pkg:pypi/cairosvg@1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/19546?format=json","purl":"pkg:pypi/cairosvg@1.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/19547?format=json","purl":"pkg:pypi/cairosvg@1.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19548?format=json","purl":"pkg:pypi/cairosvg@1.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/19549?format=json","purl":"pkg:pypi/cairosvg@1.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/19550?format=json","purl":"pkg:pypi/cairosvg@1.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/19551?format=json","purl":"pkg:pypi/cairosvg@1.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/19552?format=json","purl":"pkg:pypi/cairosvg@1.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/19553?format=json","purl":"pkg:pypi/cairosvg@1.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/19554?format=json","purl":"pkg:pypi/cairosvg@1.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/19555?format=json","purl":"pkg:pypi/cairosvg@1.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/19556?format=json","purl":"pkg:pypi/cairosvg@1.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/19557?format=json","purl":"pkg:pypi/cairosvg@1.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/19558?format=json","purl":"pkg:pypi/cairosvg@1.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/19559?format=json","purl":"pkg:pypi/cairosvg@1.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/19560?format=json","purl":"pkg:pypi/cairosvg@1.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/19561?format=json","purl":"pkg:pypi/cairosvg@1.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/19562?format=json","purl":"pkg:pypi/cairosvg@1.0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/19563?format=json","purl":"pkg:pypi/cairosvg@1.0.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.18"},{"url":"http://public2.vulnerablecode.io/api/packages/19564?format=json","purl":"pkg:pypi/cairosvg@1.0.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.19"},{"url":"http://public2.vulnerablecode.io/api/packages/19565?format=json","purl":"pkg:pypi/cairosvg@1.0.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.20"},{"url":"http://public2.vulnerablecode.io/api/packages/19566?format=json","purl":"pkg:pypi/cairosvg@1.0.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.21"},{"url":"http://public2.vulnerablecode.io/api/packages/19567?format=json","purl":"pkg:pypi/cairosvg@1.0.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@1.0.22"},{"url":"http://public2.vulnerablecode.io/api/packages/19568?format=json","purl":"pkg:pypi/cairosvg@2.0.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/19569?format=json","purl":"pkg:pypi/cairosvg@2.0.0rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/19570?format=json","purl":"pkg:pypi/cairosvg@2.0.0rc3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc3"},{"url":"http://public2.vulnerablecode.io/api/packages/19571?format=json","purl":"pkg:pypi/cairosvg@2.0.0rc4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc4"},{"url":"http://public2.vulnerablecode.io/api/packages/19572?format=json","purl":"pkg:pypi/cairosvg@2.0.0rc5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc5"},{"url":"http://public2.vulnerablecode.io/api/packages/19573?format=json","purl":"pkg:pypi/cairosvg@2.0.0rc6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0rc6"},{"url":"http://public2.vulnerablecode.io/api/packages/19574?format=json","purl":"pkg:pypi/cairosvg@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/19575?format=json","purl":"pkg:pypi/cairosvg@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/19576?format=json","purl":"pkg:pypi/cairosvg@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19577?format=json","purl":"pkg:pypi/cairosvg@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/19578?format=json","purl":"pkg:pypi/cairosvg@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/19579?format=json","purl":"pkg:pypi/cairosvg@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/19580?format=json","purl":"pkg:pypi/cairosvg@2.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19581?format=json","purl":"pkg:pypi/cairosvg@2.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/19582?format=json","purl":"pkg:pypi/cairosvg@2.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/19583?format=json","purl":"pkg:pypi/cairosvg@2.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/19584?format=json","purl":"pkg:pypi/cairosvg@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/19585?format=json","purl":"pkg:pypi/cairosvg@2.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/19586?format=json","purl":"pkg:pypi/cairosvg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/19587?format=json","purl":"pkg:pypi/cairosvg@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/19588?format=json","purl":"pkg:pypi/cairosvg@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19589?format=json","purl":"pkg:pypi/cairosvg@2.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"},{"vulnerability":"VCID-kzys-kvs5-wqgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/19590?format=json","purl":"pkg:pypi/cairosvg@2.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/32636?format=json","purl":"pkg:pypi/cairosvg@2.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/32637?format=json","purl":"pkg:pypi/cairosvg@2.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4rp7-t37q-kff1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cairosvg@2.6.0"}],"references":[{"reference_url":"https://github.com/Kozea/CairoSVG","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Kozea/CairoSVG"},{"reference_url":"https://github.com/Kozea/CairoSVG/commit/12d31c653c0254fa9d9853f66b04ea46e7397255","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Kozea/CairoSVG/commit/12d31c653c0254fa9d9853f66b04ea46e7397255"},{"reference_url":"https://github.com/Kozea/CairoSVG/commit/33007d4af9195e2bfb2ff9af064c4c2d8e4b2b53","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Kozea/CairoSVG/commit/33007d4af9195e2bfb2ff9af064c4c2d8e4b2b53"},{"reference_url":"https://github.com/Kozea/CairoSVG/releases/tag/2.7.0","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Kozea/CairoSVG/releases/tag/2.7.0"},{"reference_url":"https://github.com/Kozea/CairoSVG/security/advisories/GHSA-rwmf-w63j-p7gv","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Kozea/CairoSVG/security/advisories/GHSA-rwmf-w63j-p7gv"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/cairosvg/PYSEC-2023-9.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/cairosvg/PYSEC-2023-9.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27586","reference_id":"CVE-2023-27586","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27586"},{"reference_url":"https://github.com/advisories/GHSA-rwmf-w63j-p7gv","reference_id":"GHSA-rwmf-w63j-p7gv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rwmf-w63j-p7gv"}],"weaknesses":[{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."},{"cwe_id":918,"name":"Server-Side Request Forgery (SSRF)","description":"The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4rp7-t37q-kff1"}