Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/silverstripe/framework@3.5.0-alpha0
Typecomposer
Namespacesilverstripe
Nameframework
Version3.5.0-alpha0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.3.23
Latest_non_vulnerable_version6.0.0-alpha1
Affected_by_vulnerabilities
0
url VCID-ya8k-c5s5-47gx
vulnerability_id VCID-ya8k-c5s5-47gx
summary 
XSS In page name
SilverStripe is vulnerable to XSS via the page name. For instance, page name `"><svg/onload=alert(/xss/)>` will trigger an XSS alert.
references
0
reference_url https://github.com/silverstripe/silverstripe-framework/commit/c6c6c13fc265aeedf5de7226b3cde39d185ba49d
reference_id
reference_type
scores
url https://github.com/silverstripe/silverstripe-framework/commit/c6c6c13fc265aeedf5de7226b3cde39d185ba49d
1
reference_url https://www.silverstripe.org/download/security-releases/ss-2017-001/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/ss-2017-001/
fixed_packages
0
url pkg:composer/silverstripe/framework@3.5.2-rc1
purl pkg:composer/silverstripe/framework@3.5.2-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f9j-ek3x-kbc5
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-3ydp-barm-5ya1
3
vulnerability VCID-414d-7bfm-kud7
4
vulnerability VCID-4f9c-aun4-wfep
5
vulnerability VCID-4x32-t75c-u3bj
6
vulnerability VCID-5pkg-j4wg-7fcn
7
vulnerability VCID-6du5-hdvd-fueb
8
vulnerability VCID-6epx-c68d-d7bv
9
vulnerability VCID-71cx-seqr-3fh5
10
vulnerability VCID-7dk3-gcup-2kc9
11
vulnerability VCID-86yd-4mkt-hydr
12
vulnerability VCID-a3yc-fxa1-gfhy
13
vulnerability VCID-ab5z-bqka-xudb
14
vulnerability VCID-ajga-3b99-yugh
15
vulnerability VCID-axxx-gpfn-mqc9
16
vulnerability VCID-bdcq-z11u-zyh5
17
vulnerability VCID-bmqt-5ybj-kuf6
18
vulnerability VCID-c3vp-kc9a-vkhn
19
vulnerability VCID-cdgj-bdpy-ukak
20
vulnerability VCID-eddc-w9wx-c3gq
21
vulnerability VCID-enkd-4y44-4ueq
22
vulnerability VCID-ete7-tupf-63c9
23
vulnerability VCID-fpb7-5pwu-tyg5
24
vulnerability VCID-fyxa-vzeq-ubeq
25
vulnerability VCID-g3kz-796v-4qf1
26
vulnerability VCID-j9tk-b3hv-q3c1
27
vulnerability VCID-kak1-btjp-kqgz
28
vulnerability VCID-kdyk-rrrr-pufw
29
vulnerability VCID-kh99-kpkt-pqdq
30
vulnerability VCID-kvhv-9fj5-7kgk
31
vulnerability VCID-kw9p-5fbc-hudg
32
vulnerability VCID-kxa8-dmva-ayff
33
vulnerability VCID-p2kq-rkh6-ayeu
34
vulnerability VCID-pq29-qe7h-tkcp
35
vulnerability VCID-qm38-1cwk-b3hq
36
vulnerability VCID-tc2y-zrea-vyb2
37
vulnerability VCID-tm1s-2m92-uyh9
38
vulnerability VCID-tzmx-hfk2-7ufr
39
vulnerability VCID-u49v-31sv-eqc3
40
vulnerability VCID-v116-gayp-mbfu
41
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.2-rc1
aliases SS-2017-001
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ya8k-c5s5-47gx
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.0-alpha0