Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:composer/doctrine/orm@2.0.0

Type composer

Namespace doctrine

Name orm

Version 2.0.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.0.3

Latest_non_vulnerable_version 2.8.4

Affected_by_vulnerabilities

url VCID-58ju-4qx6-tka5

vulnerability_id VCID-58ju-4qx6-tka5

summary

SQL Injection in doctrine orm
Multiple SQL injection vulnerabilities in the `Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery` function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-1522

reference_id

reference_type

scores

value	0.00605
scoring_system	epss
scoring_elements	0.69963
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-1522

reference_url	https://web.archive.org/web/20120315064147/https://www.doctrine-project.org/blog/doctrine-security-fix.html
reference_id
reference_type
scores
url	https://web.archive.org/web/20120315064147/https://www.doctrine-project.org/blog/doctrine-security-fix.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622674
reference_id	622674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622674

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2011-1522
reference_id	CVE-2011-1522
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2011-1522

fixed_packages

url pkg:composer/doctrine/orm@2.1.3

purl pkg:composer/doctrine/orm@2.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pt1n-7yfb-a7d4

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/orm@2.1.3

aliases CVE-2011-1522

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-58ju-4qx6-tka5

url VCID-pt1n-7yfb-a7d4

vulnerability_id VCID-pt1n-7yfb-a7d4

summary

Security Misconfiguration Vulnerability
Doctrine uses `mkdir($cacheDirectory )` to create caches directories. if your application runs with a umask of

references

reference_url

http://framework.zend.com/security/advisory/ZF2015-07

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://framework.zend.com/security/advisory/ZF2015-07

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5723

reference_id

reference_type

scores

value	0.00033
scoring_system	epss
scoring_elements	0.10276
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7695
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7695

reference_url

https://framework.zend.com/security/advisory/ZF2015-07

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://framework.zend.com/security/advisory/ZF2015-07

reference_url

https://github.com/aws/aws-sdk-php/releases/tag/3.2.1

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/aws/aws-sdk-php/releases/tag/3.2.1

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/aws/aws-sdk-php/CVE-2015-5723.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/aws/aws-sdk-php/CVE-2015-5723.yaml

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/doctrine/cache/CVE-2015-5723.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/doctrine/cache/CVE-2015-5723.yaml

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/doctrine/orm/CVE-2015-5723.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/doctrine/orm/CVE-2015-5723.yaml

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zend-cache/CVE-2015-5723.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zend-cache/CVE-2015-5723.yaml

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework1/CVE-2015-5723.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework1/CVE-2015-5723.yaml

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework/CVE-2015-5723.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework/CVE-2015-5723.yaml

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/zfcampus/zf-apigility-doctrine/CVE-2015-5723.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/zfcampus/zf-apigility-doctrine/CVE-2015-5723.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IUUC7HPN4XE5NNTG4MR76OC662XRZUO

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IUUC7HPN4XE5NNTG4MR76OC662XRZUO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPS7A54FQ2CR6PH4NDR6UIYJIRNFXW67

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPS7A54FQ2CR6PH4NDR6UIYJIRNFXW67

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IUUC7HPN4XE5NNTG4MR76OC662XRZUO

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IUUC7HPN4XE5NNTG4MR76OC662XRZUO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPS7A54FQ2CR6PH4NDR6UIYJIRNFXW67

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPS7A54FQ2CR6PH4NDR6UIYJIRNFXW67

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-5723

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-5723

reference_url

https://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html

reference_url	http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-5723
reference_id
reference_type
scores
url	http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-5723

reference_url

http://www.debian.org/security/2015/dsa-3369

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2015/dsa-3369

reference_url

http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html

fixed_packages

url	pkg:composer/doctrine/orm@2.4.8
purl	pkg:composer/doctrine/orm@2.4.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/orm@2.4.8

url	pkg:composer/doctrine/orm@2.5.1
purl	pkg:composer/doctrine/orm@2.5.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/orm@2.5.1

aliases CVE-2015-5723, GHSA-pw5c-xqf2-6xc2

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pt1n-7yfb-a7d4

url VCID-zfw9-zevs-7uaq

vulnerability_id VCID-zfw9-zevs-7uaq

summary Doctrine SQL injection vulnerability

references

reference_url

https://github.com/doctrine/orm

reference_id

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/doctrine/orm

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/doctrine/orm/2011-09-25.yaml

reference_id

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/doctrine/orm/2011-09-25.yaml

reference_url

https://web.archive.org/web/20120315064147/https://www.doctrine-project.org/blog/doctrine-security-fix.html

reference_id

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120315064147/https://www.doctrine-project.org/blog/doctrine-security-fix.html

reference_url

https://github.com/advisories/GHSA-6q9v-4hq6-5m67

reference_id

GHSA-6q9v-4hq6-5m67

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-6q9v-4hq6-5m67

fixed_packages

url	pkg:composer/doctrine/orm@2.0.3
purl	pkg:composer/doctrine/orm@2.0.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/orm@2.0.3

aliases GHSA-6q9v-4hq6-5m67

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zfw9-zevs-7uaq

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/orm@2.0.0

Package Instance