Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-6kj4-zf2a-dyc2

Summary SaltStack RSA Key Generation allows remote users to decrypt communications

Aliases

alias	CVE-2013-2228

alias	GHSA-gq26-cpq6-w85r

Fixed_packages

url pkg:pypi/salt@0.15.1

purl pkg:pypi/salt@0.15.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ds7-ga65-r3b6

vulnerability	VCID-2h9s-fgnc-1qeg

vulnerability	VCID-3xs9-ym4e-fyag

vulnerability	VCID-47u4-vdsp-c3ct

vulnerability	VCID-48tt-fe7z-ybfb

vulnerability	VCID-58p2-6c4u-tybp

vulnerability	VCID-5hr1-5aec-43h3

vulnerability	VCID-5w26-jb3k-u3b7

vulnerability	VCID-65p4-5x86-y3fj

vulnerability	VCID-6cfw-9xe8-43d6

vulnerability	VCID-6qhe-17nn-7fc1

vulnerability	VCID-7mam-gwcp-8kdm

vulnerability	VCID-8ghn-kbm9-sfas

vulnerability	VCID-8jkp-8ngh-9bcd

vulnerability	VCID-8mpz-ke16-fbej

vulnerability	VCID-a8kw-uehx-xfg5

vulnerability	VCID-az3x-2atn-pqh4

vulnerability	VCID-bxh1-y9mk-3ygg

vulnerability	VCID-byz4-ynsr-kbec

vulnerability	VCID-ce2x-ehyk-nufk

vulnerability	VCID-cubj-wrbp-1qbu

vulnerability	VCID-e6kv-phwy-vfef

vulnerability	VCID-e8qc-mktf-gyam

vulnerability	VCID-ew62-nxq6-fudr

vulnerability	VCID-gafc-bb59-9yhb

vulnerability	VCID-h4tm-9wqz-1qge

vulnerability	VCID-hgv6-czxs-cfbc

vulnerability	VCID-j5th-837s-fkft

vulnerability	VCID-jbea-m4ak-tqd7

vulnerability	VCID-jyxg-h3a9-8ygv

vulnerability	VCID-k1gu-khda-jyeb

vulnerability	VCID-kapu-yvhn-ybhw

vulnerability	VCID-mbpz-g2vs-tqc1

vulnerability	VCID-neby-tsrt-ryg5

vulnerability	VCID-nehw-r7zm-j7bb

vulnerability	VCID-p4xa-ks7v-wbay

vulnerability	VCID-qgqk-f1g2-7fbz

vulnerability	VCID-reer-fk1f-tkbj

vulnerability	VCID-saff-gz5j-8kex

vulnerability	VCID-u5sa-wp1e-wyhg

vulnerability	VCID-uwr9-v56j-cuak

vulnerability	VCID-v345-m7e1-aue2

vulnerability	VCID-v43a-k2bg-wkbz

vulnerability	VCID-w2qv-hbsf-xyfh

vulnerability	VCID-xccs-pwhb-nuce

vulnerability	VCID-xfnm-yvm9-73az

vulnerability	VCID-znn9-qud3-wqat

vulnerability	VCID-zter-3e3b-7yfb

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@0.15.1

Affected_packages

References

reference_url	https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-2228
reference_id
reference_type
scores
url	https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-2228

reference_url	https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-2228
reference_id
reference_type
scores
url	https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-2228

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/85372
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/85372

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2013-2228
reference_id	CVE-2013-2228
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2013-2228

reference_url	https://security-tracker.debian.org/tracker/CVE-2013-2228
reference_id	CVE-2013-2228
reference_type
scores
url	https://security-tracker.debian.org/tracker/CVE-2013-2228

reference_url	https://github.com/advisories/GHSA-gq26-cpq6-w85r
reference_id	GHSA-gq26-cpq6-w85r
reference_type
scores
url	https://github.com/advisories/GHSA-gq26-cpq6-w85r

Weaknesses

cwe_id	307
name	Improper Restriction of Excessive Authentication Attempts
description	The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6kj4-zf2a-dyc2

Vulnerability Instance