stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
6215a709e86e328458847c021c1b293aff137729
git.stella-ops.org/src/StellaOps.Feedser.Source.Osv.Tests/Fixtures/osv-pypi.snapshot.json

161 lines
4.3 KiB
JSON
Raw Blame History

{
"advisoryKey": "OSV-2025-PyPI-0001",
"affectedPackages": [
{
"type": "semver",
"identifier": "pkg:pypi/requests",
"platform": "PyPI",
"versionRanges": [
{
"fixedVersion": "2.0.0",
"introducedVersion": "0",
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": false,
"nevra": null,
"semVer": {
"constraintExpression": null,
"exactValue": null,
"fixed": "2.0.0",
"fixedInclusive": false,
"introduced": "0",
"introducedInclusive": true,
"lastAffected": null,
"lastAffectedInclusive": true,
"style": "range"
},
"vendorExtensions": null
},
"provenance": {
"source": "osv",
"kind": "range",
"value": "pkg:pypi/requests",
"decisionReason": null,
"recordedAt": "2025-01-08T06:30:00+00:00",
"fieldMask": [
"affectedpackages[].versionranges[]"
]
},
"rangeExpression": null,
"rangeKind": "semver"
}
],
"normalizedVersions": [
{
"scheme": "semver",
"type": "range",
"min": "0",
"minInclusive": true,
"max": "2.0.0",
"maxInclusive": false,
"value": null,
"notes": "osv:PyPI:OSV-2025-PyPI-0001:pkg:pypi/requests"
}
],
"statuses": [],
"provenance": [
{
"source": "osv",
"kind": "affected",
"value": "pkg:pypi/requests",
"decisionReason": null,
"recordedAt": "2025-01-08T06:30:00+00:00",
"fieldMask": [
"affectedpackages[]"
]
}
]
}
],
"aliases": [
"CVE-2025-114",
"GHSA-4abc-4def-4ghi",
"OSV-2025-PyPI-0001",
"OSV-RELATED-PyPI-42"
],
"canonicalMetricId": "3.1|CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"credits": [],
"cvssMetrics": [
{
"baseScore": 9.8,
"baseSeverity": "critical",
"provenance": {
"source": "osv",
"kind": "cvss",
"value": "CVSS_V3",
"decisionReason": null,
"recordedAt": "2025-01-08T06:30:00+00:00",
"fieldMask": []
},
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"cwes": [],
"description": "Detailed description for PyPI package requests.",
"exploitKnown": false,
"language": "en",
"modified": "2025-01-08T06:30:00+00:00",
"provenance": [
{
"source": "osv",
"kind": "document",
"value": "https://osv.dev/vulnerability/OSV-2025-PyPI-0001",
"decisionReason": null,
"recordedAt": "2025-01-08T07:00:00+00:00",
"fieldMask": [
"advisory"
]
},
{
"source": "osv",
"kind": "mapping",
"value": "OSV-2025-PyPI-0001",
"decisionReason": null,
"recordedAt": "2025-01-08T06:30:00+00:00",
"fieldMask": [
"advisory"
]
}
],
"published": "2025-01-05T12:00:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "osv",
"kind": "reference",
"value": "https://example.com/PyPI/advisory",
"decisionReason": null,
"recordedAt": "2025-01-08T06:30:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "ADVISORY",
"summary": null,
"url": "https://example.com/PyPI/advisory"
},
{
"kind": "patch",
"provenance": {
"source": "osv",
"kind": "reference",
"value": "https://example.com/PyPI/fix",
"decisionReason": null,
"recordedAt": "2025-01-08T06:30:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "FIX",
"summary": null,
"url": "https://example.com/PyPI/fix"
}
],
"severity": "critical",
"summary": "Detailed description for PyPI package requests.",
"title": "PyPI package vulnerability"
}
Reference in New Issue View Git Blame Copy Permalink