Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-a66r-mw9c-cqdq

Summary

Cross-site Scripting
The `loadString` function does not escape SVG properly, which can be used to inject arbitrary elements into the DOM via the `_transformMeasurements` function.

Aliases

alias	CVE-2020-7750

alias	GHSA-j977-g5vj-j27g

Fixed_packages

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201019174008

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201019174008

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201019174008

Affected_packages

url pkg:npm/scratch-svg-renderer@0.1.0

purl pkg:npm/scratch-svg-renderer@0.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.1.0

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180605154326

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180605154326

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180605154326

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180607141644

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180607141644

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180607141644

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180613184320

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180613184320

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180613184320

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180618172917

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180618172917

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180618172917

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180711180400

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180711180400

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180711180400

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180712223402

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180712223402

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180712223402

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180817005452

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180817005452

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180817005452

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180821210632

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180821210632

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180821210632

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180907141232

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180907141232

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180907141232

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180926143036

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180926143036

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20180926143036

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181017193458

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181017193458

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181017193458

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181024192149

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181024192149

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181024192149

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181101210634

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181101210634

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181101210634

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181126212715

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181126212715

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181126212715

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181212190400

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181212190400

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181212190400

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181212222326

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181212222326

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181212222326

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181212230607

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181212230607

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181212230607

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181213165142

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181213165142

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181213165142

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181213192400

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181213192400

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181213192400

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181218153528

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181218153528

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181218153528

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181220183040

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181220183040

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20181220183040

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190109201344

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190109201344

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190109201344

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190110205335

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190110205335

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190110205335

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190125192231

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190125192231

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190125192231

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190304180800

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190304180800

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190304180800

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190329052730

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190329052730

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190329052730

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190419183947

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190419183947

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190419183947

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190521170426

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190521170426

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190521170426

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190523193400

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190523193400

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190523193400

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190715144718

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190715144718

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190715144718

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190715153806

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190715153806

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190715153806

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190820171249

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190820171249

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190820171249

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190822193232

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190822193232

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190822193232

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190822202608

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190822202608

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20190822202608

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20191031221353

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20191031221353

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20191031221353

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20191104164753

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20191104164753

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20191104164753

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20191217211338

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20191217211338

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20191217211338

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200103191258

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200103191258

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200103191258

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200103211543

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200103211543

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200103211543

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200109070519

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200109070519

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200109070519

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200205003215

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200205003215

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200205003215

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200205003400

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200205003400

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200205003400

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200507183648

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200507183648

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200507183648

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200604203226

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200604203226

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200604203226

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200609210443

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200609210443

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200609210443

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200610220938

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200610220938

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20200610220938

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201008203328

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201008203328

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201008203328

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009194722

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009194722

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009194722

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009195807

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009195807

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009195807

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009202925

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009202925

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009202925

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009211507

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009211507

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201009211507

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201011114003

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201011114003

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201011114003

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201012151417

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201012151417

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201012151417

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201013123302

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201013123302

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201013123302

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201013184332

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201013184332

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201013184332

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201014105708

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201014105708

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201014105708

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201014130133

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201014130133

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201014130133

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201014145347

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201014145347

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201014145347

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201015122106

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201015122106

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201015122106

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201015135047

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201015135047

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201015135047

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201015194358

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201015194358

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201015194358

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201016121710

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201016121710

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201016121710

url pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201019174008

purl pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201019174008

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0-prerelease.20201019174008

url pkg:npm/scratch-svg-renderer@0.2.0

purl pkg:npm/scratch-svg-renderer@0.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qvp-xz5x-jbg8

vulnerability	VCID-a66r-mw9c-cqdq

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/scratch-svg-renderer@0.2.0

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-7750

reference_id

reference_type

scores

value	0.06179
scoring_system	epss
scoring_elements	0.90999
published_at	2026-06-04T12:55:00Z

value	0.06179
scoring_system	epss
scoring_elements	0.91008
published_at	2026-06-07T12:55:00Z

value	0.06179
scoring_system	epss
scoring_elements	0.91013
published_at	2026-06-05T12:55:00Z

value	0.06179
scoring_system	epss
scoring_elements	0.91011
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-7750

reference_url

https://github.com/LLK/scratch-svg-renderer/commit/9ebf57588aa596c4fa3bb64209e10ade395aee90

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/LLK/scratch-svg-renderer/commit/9ebf57588aa596c4fa3bb64209e10ade395aee90

reference_url

https://snyk.io/vuln/SNYK-JS-SCRATCHSVGRENDERER-1020497

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JS-SCRATCHSVGRENDERER-1020497

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50079.txt
reference_id	CVE-2020-7750
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50079.txt

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-7750

reference_id

CVE-2020-7750

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-7750

reference_url

https://github.com/advisories/GHSA-j977-g5vj-j27g

reference_id

GHSA-j977-g5vj-j27g

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-j977-g5vj-j27g

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

date_added	2021-07-02
description	Scratch Desktop 3.17 - Remote Code Execution
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`false`
source_date_published	2021-07-02
exploit_type	webapps
platform	multiple
source_date_updated	2021-10-29
data_source	Exploit-DB
source_url

Severity_range_score 7.0 - 9.6

Exploitability 2.0

Weighted_severity 8.6

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a66r-mw9c-cqdq

Vulnerability Instance