Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:composer/ezsystems/ezpublish-legacy@2018.06.1

Type composer

Namespace ezsystems

Name ezpublish-legacy

Version 2018.06.1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2018.06.1.4

Latest_non_vulnerable_version 2019.03.4.2

Affected_by_vulnerabilities

url VCID-2975-xhf4-ckcj

vulnerability_id VCID-2975-xhf4-ckcj

summary

Improper Access Control
Passwordless login for LDAP users

references

reference_url	http://share.ez.no/community-project/security-advisories/ezsa-2018-005-passwordless-login-for-ldap-users
reference_id
reference_type
scores
url	http://share.ez.no/community-project/security-advisories/ezsa-2018-005-passwordless-login-for-ldap-users

fixed_packages

url	pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%2B3
purl	pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%2B3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%252B3

url	pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4
purl	pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4

aliases GMS-2018-65

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2975-xhf4-ckcj

url VCID-eaqz-xw6f-6yeb

vulnerability_id VCID-eaqz-xw6f-6yeb

summary EZSA-2018-009 Do not interpret PHP/PHAR uploads

references

reference_url	http://share.ez.no/community-project/security-advisories/ezsa-2018-009-do-not-interpret-php-phar-uploads
reference_id
reference_type
scores
url	http://share.ez.no/community-project/security-advisories/ezsa-2018-009-do-not-interpret-php-phar-uploads

fixed_packages

url	pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4
purl	pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4

url pkg:composer/ezsystems/ezpublish-legacy@2019.3.0

purl pkg:composer/ezsystems/ezpublish-legacy@2019.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6cyy-uhhk-63aa

vulnerability	VCID-qymv-b76a-2yh2

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.3.0

aliases GMS-2018-67

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eaqz-xw6f-6yeb

url VCID-ufw5-emg4-cqd6

vulnerability_id VCID-ufw5-emg4-cqd6

summary EZSA-2018-006 XSS vulnerability in 'disabled module' error template

references

reference_url	http://share.ez.no/community-project/security-advisories/ezsa-2018-006-xss-vulnerability-in-disabled-module-error-template
reference_id
reference_type
scores
url	http://share.ez.no/community-project/security-advisories/ezsa-2018-006-xss-vulnerability-in-disabled-module-error-template

fixed_packages

url	pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%2B4
purl	pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%2B4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%252B4

url	pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4
purl	pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4

url pkg:composer/ezsystems/ezpublish-legacy@2019.3.0

purl pkg:composer/ezsystems/ezpublish-legacy@2019.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6cyy-uhhk-63aa

vulnerability	VCID-qymv-b76a-2yh2

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.3.0

aliases GMS-2018-66

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ufw5-emg4-cqd6

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.06.1

Package Instance