Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:composer/cakephp/cakephp@3.2.9

Type composer

Namespace cakephp

Name cakephp

Version 3.2.9

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.1.7+3363

Latest_non_vulnerable_version 5.3.1

Affected_by_vulnerabilities

url VCID-2ggf-ncwr-tkea

vulnerability_id VCID-2ggf-ncwr-tkea

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11458

reference_id

reference_type

scores

value	0.00527
scoring_system	epss
scoring_elements	0.67345
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11458

reference_url

https://bakery.cakephp.org/2019/04/23/cakephp_377_3615_3518_released.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bakery.cakephp.org/2019/04/23/cakephp_377_3615_3518_released.html

reference_url

https://github.com/cakephp/cakephp

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cakephp/cakephp

reference_url

https://github.com/cakephp/cakephp/commit/1a74e798309192a9895c9cedabd714ceee345f4e

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cakephp/cakephp/commit/1a74e798309192a9895c9cedabd714ceee345f4e

reference_url

https://github.com/cakephp/cakephp/commit/81412fbe2cb88a304dbeeece1955bc0aec98edb1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cakephp/cakephp/commit/81412fbe2cb88a304dbeeece1955bc0aec98edb1

reference_url

https://github.com/cakephp/cakephp/commit/c25b91bf7c72db43c01b47a634fd02112ff9f1cd

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cakephp/cakephp/commit/c25b91bf7c72db43c01b47a634fd02112ff9f1cd

reference_url

https://github.com/cakephp/cakephp/commits/master

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cakephp/cakephp/commits/master

reference_url

https://github.com/cakephp/cakephp/compare/3.7.6...3.7.7

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cakephp/cakephp/compare/3.7.6...3.7.7

reference_url

https://github.com/cakephp/cakephp/releases

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cakephp/cakephp/releases

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11458

reference_id

CVE-2019-11458

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11458

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/CVE-2019-11458.yaml

reference_id

CVE-2019-11458.YAML

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/CVE-2019-11458.yaml

reference_url

https://github.com/advisories/GHSA-qhrx-hcm6-pmrw

reference_id

GHSA-qhrx-hcm6-pmrw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qhrx-hcm6-pmrw

fixed_packages

url	pkg:composer/cakephp/cakephp@3.5.18
purl	pkg:composer/cakephp/cakephp@3.5.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.5.18

url	pkg:composer/cakephp/cakephp@3.6.15
purl	pkg:composer/cakephp/cakephp@3.6.15
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.6.15

url	pkg:composer/cakephp/cakephp@3.7.7
purl	pkg:composer/cakephp/cakephp@3.7.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.7.7

aliases CVE-2019-11458, GHSA-qhrx-hcm6-pmrw

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ggf-ncwr-tkea

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.2.9

Package Instance