Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/silverstripe/framework@3.5.5-rc1
Typecomposer
Namespacesilverstripe
Nameframework
Version3.5.5-rc1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.3.23
Latest_non_vulnerable_version6.0.0-alpha1
Affected_by_vulnerabilities
0
url VCID-pffp-vtk7-pqby
vulnerability_id VCID-pffp-vtk7-pqby
summary 
silverstripe/framework sends passwords back to browsers under some circumstances
Under some circumstances a form may populate a PasswordField with submitted data, reflecting submitted data back to a user. The user will only see their own submissions for password data, which is not considered best practice. We are not aware of data leaks to other users, devices or sessions.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-013-1.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-013-1.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://github.com/silverstripe/silverstripe-framework/commit/c28f411abd4837cdd9dbf87c4457976e678131cb
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/c28f411abd4837cdd9dbf87c4457976e678131cb
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/f688bcb1a370e41df1b573a24fa3994b3895bacf
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/f688bcb1a370e41df1b573a24fa3994b3895bacf
4
reference_url https://www.silverstripe.org/download/security-releases/ss-2018-013
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2018-013
5
reference_url https://github.com/advisories/GHSA-vh7q-j8p5-2h4h
reference_id GHSA-vh7q-j8p5-2h4h
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vh7q-j8p5-2h4h
fixed_packages
0
url pkg:composer/silverstripe/framework@3.7.0
purl pkg:composer/silverstripe/framework@3.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f9j-ek3x-kbc5
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-7dk3-gcup-2kc9
8
vulnerability VCID-86yd-4mkt-hydr
9
vulnerability VCID-a3yc-fxa1-gfhy
10
vulnerability VCID-ajga-3b99-yugh
11
vulnerability VCID-axxx-gpfn-mqc9
12
vulnerability VCID-bdcq-z11u-zyh5
13
vulnerability VCID-cdgj-bdpy-ukak
14
vulnerability VCID-eddc-w9wx-c3gq
15
vulnerability VCID-enkd-4y44-4ueq
16
vulnerability VCID-fpb7-5pwu-tyg5
17
vulnerability VCID-fyxa-vzeq-ubeq
18
vulnerability VCID-kak1-btjp-kqgz
19
vulnerability VCID-kvhv-9fj5-7kgk
20
vulnerability VCID-kw9p-5fbc-hudg
21
vulnerability VCID-kxa8-dmva-ayff
22
vulnerability VCID-p2kq-rkh6-ayeu
23
vulnerability VCID-pq29-qe7h-tkcp
24
vulnerability VCID-qak9-2t7g-w3fv
25
vulnerability VCID-qm38-1cwk-b3hq
26
vulnerability VCID-tc2y-zrea-vyb2
27
vulnerability VCID-tm1s-2m92-uyh9
28
vulnerability VCID-u49v-31sv-eqc3
29
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.7.0
1
url pkg:composer/silverstripe/framework@4.0.4
purl pkg:composer/silverstripe/framework@4.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rbk-47h6-d7d8
1
vulnerability VCID-4f9c-aun4-wfep
2
vulnerability VCID-4x32-t75c-u3bj
3
vulnerability VCID-5pkg-j4wg-7fcn
4
vulnerability VCID-6du5-hdvd-fueb
5
vulnerability VCID-6epx-c68d-d7bv
6
vulnerability VCID-7dk3-gcup-2kc9
7
vulnerability VCID-86yd-4mkt-hydr
8
vulnerability VCID-a3yc-fxa1-gfhy
9
vulnerability VCID-ajga-3b99-yugh
10
vulnerability VCID-axxx-gpfn-mqc9
11
vulnerability VCID-bdcq-z11u-zyh5
12
vulnerability VCID-c75p-3hdz-q3b6
13
vulnerability VCID-cdgj-bdpy-ukak
14
vulnerability VCID-cfgg-fgjt-z3hn
15
vulnerability VCID-d5q3-jrdb-euav
16
vulnerability VCID-dc9y-v257-6bhf
17
vulnerability VCID-enkd-4y44-4ueq
18
vulnerability VCID-fpb7-5pwu-tyg5
19
vulnerability VCID-ftdr-uzuh-8ybc
20
vulnerability VCID-fyxa-vzeq-ubeq
21
vulnerability VCID-gme6-wj87-ekfw
22
vulnerability VCID-kak1-btjp-kqgz
23
vulnerability VCID-kd3t-2gzd-q3hq
24
vulnerability VCID-kgm4-g26x-gken
25
vulnerability VCID-kvhv-9fj5-7kgk
26
vulnerability VCID-kw9p-5fbc-hudg
27
vulnerability VCID-kxa8-dmva-ayff
28
vulnerability VCID-kxyq-vg6e-6uac
29
vulnerability VCID-m8w1-g9h9-vuce
30
vulnerability VCID-p2kq-rkh6-ayeu
31
vulnerability VCID-pq29-qe7h-tkcp
32
vulnerability VCID-qak9-2t7g-w3fv
33
vulnerability VCID-qjgf-hxng-j3g9
34
vulnerability VCID-qm38-1cwk-b3hq
35
vulnerability VCID-tc2y-zrea-vyb2
36
vulnerability VCID-u49v-31sv-eqc3
37
vulnerability VCID-ua49-snhx-dqa4
38
vulnerability VCID-w4fh-cpaq-nqat
39
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.4
2
url pkg:composer/silverstripe/framework@4.1.1
purl pkg:composer/silverstripe/framework@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rbk-47h6-d7d8
1
vulnerability VCID-4f9c-aun4-wfep
2
vulnerability VCID-4x32-t75c-u3bj
3
vulnerability VCID-5pkg-j4wg-7fcn
4
vulnerability VCID-658d-vmwt-f7e8
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-7dk3-gcup-2kc9
8
vulnerability VCID-86yd-4mkt-hydr
9
vulnerability VCID-a3yc-fxa1-gfhy
10
vulnerability VCID-ajga-3b99-yugh
11
vulnerability VCID-axxx-gpfn-mqc9
12
vulnerability VCID-bdcq-z11u-zyh5
13
vulnerability VCID-c75p-3hdz-q3b6
14
vulnerability VCID-cdgj-bdpy-ukak
15
vulnerability VCID-cfgg-fgjt-z3hn
16
vulnerability VCID-d5q3-jrdb-euav
17
vulnerability VCID-dc9y-v257-6bhf
18
vulnerability VCID-enkd-4y44-4ueq
19
vulnerability VCID-fpb7-5pwu-tyg5
20
vulnerability VCID-ftdr-uzuh-8ybc
21
vulnerability VCID-fyxa-vzeq-ubeq
22
vulnerability VCID-gme6-wj87-ekfw
23
vulnerability VCID-kak1-btjp-kqgz
24
vulnerability VCID-kd3t-2gzd-q3hq
25
vulnerability VCID-kgm4-g26x-gken
26
vulnerability VCID-kvhv-9fj5-7kgk
27
vulnerability VCID-kw9p-5fbc-hudg
28
vulnerability VCID-kxa8-dmva-ayff
29
vulnerability VCID-kxyq-vg6e-6uac
30
vulnerability VCID-m8w1-g9h9-vuce
31
vulnerability VCID-p2kq-rkh6-ayeu
32
vulnerability VCID-pq29-qe7h-tkcp
33
vulnerability VCID-qak9-2t7g-w3fv
34
vulnerability VCID-qjgf-hxng-j3g9
35
vulnerability VCID-qm38-1cwk-b3hq
36
vulnerability VCID-tc2y-zrea-vyb2
37
vulnerability VCID-u49v-31sv-eqc3
38
vulnerability VCID-ua49-snhx-dqa4
39
vulnerability VCID-w4fh-cpaq-nqat
40
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.1
aliases GHSA-vh7q-j8p5-2h4h
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pffp-vtk7-pqby
Fixing_vulnerabilities
Risk_score1.6
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.5-rc1