{
  "advisoryKey": "OSV-2025-PyPI-0001",
  "affectedPackages": [
    {
      "identifier": "pkg:pypi/requests",
      "platform": "PyPI",
      "provenance": [
        {
          "fieldMask": [],
          "kind": "affected",
          "recordedAt": "2025-01-08T06:30:00+00:00",
          "source": "osv",
          "value": "pkg:pypi/requests"
        }
      ],
      "statuses": [],
      "type": "semver",
      "versionRanges": [
        {
          "fixedVersion": "2.0.0",
          "introducedVersion": "0",
          "lastAffectedVersion": null,
          "primitives": {
            "evr": null,
            "hasVendorExtensions": false,
            "nevra": null,
            "semVer": {
              "constraintExpression": null,
              "fixed": "2.0.0",
              "fixedInclusive": false,
              "introduced": "0",
              "introducedInclusive": true,
              "lastAffected": null,
              "lastAffectedInclusive": true
            },
            "vendorExtensions": null
          },
          "provenance": {
            "fieldMask": [],
            "kind": "range",
            "recordedAt": "2025-01-08T06:30:00+00:00",
            "source": "osv",
            "value": "pkg:pypi/requests"
          },
          "rangeExpression": null,
          "rangeKind": "semver"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-114",
    "GHSA-4abc-4def-4ghi",
    "OSV-2025-PyPI-0001",
    "OSV-RELATED-PyPI-42"
  ],
  "cvssMetrics": [
    {
      "baseScore": 9.8,
      "baseSeverity": "critical",
      "provenance": {
        "fieldMask": [],
        "kind": "cvss",
        "recordedAt": "2025-01-08T06:30:00+00:00",
        "source": "osv",
        "value": "CVSS_V3"
      },
      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "version": "3.1"
    }
  ],
  "exploitKnown": false,
  "language": "en",
  "modified": "2025-01-08T06:30:00+00:00",
  "provenance": [
    {
      "fieldMask": [],
      "kind": "document",
      "recordedAt": "2025-01-08T07:00:00+00:00",
      "source": "osv",
      "value": "https://osv.dev/vulnerability/OSV-2025-PyPI-0001"
    },
    {
      "fieldMask": [],
      "kind": "mapping",
      "recordedAt": "2025-01-08T06:30:00+00:00",
      "source": "osv",
      "value": "OSV-2025-PyPI-0001"
    }
  ],
  "published": "2025-01-05T12:00:00+00:00",
  "references": [
    {
      "kind": "advisory",
      "provenance": {
        "fieldMask": [],
        "kind": "reference",
        "recordedAt": "2025-01-08T06:30:00+00:00",
        "source": "osv",
        "value": "https://example.com/PyPI/advisory"
      },
      "sourceTag": "ADVISORY",
      "summary": null,
      "url": "https://example.com/PyPI/advisory"
    },
    {
      "kind": "patch",
      "provenance": {
        "fieldMask": [],
        "kind": "reference",
        "recordedAt": "2025-01-08T06:30:00+00:00",
        "source": "osv",
        "value": "https://example.com/PyPI/fix"
      },
      "sourceTag": "FIX",
      "summary": null,
      "url": "https://example.com/PyPI/fix"
    }
  ],
  "severity": "critical",
  "summary": "Detailed description for PyPI package requests.",
  "title": "PyPI package vulnerability"
}