Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-cp9j-3948-mud8

Summary

Insufficient Entropy
Entropy is lost in the `TokenGenerator`.

Aliases

alias	GMS-2014-38

Fixed_packages

url pkg:composer/friendsofsymfony/user-bundle@1.3.0

purl pkg:composer/friendsofsymfony/user-bundle@1.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ky5a-sata-5yf6

vulnerability	VCID-yyyq-za39-r3hh

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.3.0

Affected_packages

url pkg:composer/friendsofsymfony/user-bundle@1.2.0

purl pkg:composer/friendsofsymfony/user-bundle@1.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-98wp-9e1h-yfgg

vulnerability	VCID-cp9j-3948-mud8

vulnerability	VCID-fkq5-7t4p-jbdk

vulnerability	VCID-ky5a-sata-5yf6

vulnerability	VCID-nnxf-zbvz-1qdb

vulnerability	VCID-sv3j-tu9a-pucg

vulnerability	VCID-yyyq-za39-r3hh

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.0

url pkg:composer/friendsofsymfony/user-bundle@1.2.1

purl pkg:composer/friendsofsymfony/user-bundle@1.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cp9j-3948-mud8

vulnerability	VCID-fkq5-7t4p-jbdk

vulnerability	VCID-ky5a-sata-5yf6

vulnerability	VCID-yyyq-za39-r3hh

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.1

url pkg:composer/friendsofsymfony/user-bundle@1.2.2

purl pkg:composer/friendsofsymfony/user-bundle@1.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cp9j-3948-mud8

vulnerability	VCID-fkq5-7t4p-jbdk

vulnerability	VCID-ky5a-sata-5yf6

vulnerability	VCID-yyyq-za39-r3hh

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.2

url pkg:composer/friendsofsymfony/user-bundle@1.2.3

purl pkg:composer/friendsofsymfony/user-bundle@1.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cp9j-3948-mud8

vulnerability	VCID-fkq5-7t4p-jbdk

vulnerability	VCID-ky5a-sata-5yf6

vulnerability	VCID-yyyq-za39-r3hh

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.3

url pkg:composer/friendsofsymfony/user-bundle@1.2.4

purl pkg:composer/friendsofsymfony/user-bundle@1.2.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cp9j-3948-mud8

vulnerability	VCID-ky5a-sata-5yf6

vulnerability	VCID-yyyq-za39-r3hh

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.4

url pkg:composer/friendsofsymfony/user-bundle@1.2.5

purl pkg:composer/friendsofsymfony/user-bundle@1.2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cp9j-3948-mud8

vulnerability	VCID-yyyq-za39-r3hh

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.5

References

reference_url	https://symfony.com/blog/fosuserbundle-entropy-of-generated-tokens-is-lost
reference_id
reference_type
scores
url	https://symfony.com/blog/fosuserbundle-entropy-of-generated-tokens-is-lost

Weaknesses

Exploits

Severity_range_score null

Exploitability 0.5

Weighted_severity 0.0

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cp9j-3948-mud8

Vulnerability Instance