Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/neos@1.1.3
Typecomposer
Namespacetypo3
Nameneos
Version1.1.3
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.2.13
Latest_non_vulnerable_version4.3.3
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-56z1-xe5m-yugk
vulnerability_id VCID-56z1-xe5m-yugk
summary 
Improper Privilege Management
Privilege Escalation in TYPO3 Neos.
references
0
reference_url https://www.neos.io/news/neos-sa-2015-001.html
reference_id
reference_type
scores
url https://www.neos.io/news/neos-sa-2015-001.html
fixed_packages
0
url pkg:composer/typo3/neos@1.1.3
purl pkg:composer/typo3/neos@1.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@1.1.3
1
url pkg:composer/typo3/neos@1.2.3
purl pkg:composer/typo3/neos@1.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-eyk1-hqju-cfc2
1
vulnerability VCID-kftp-w8kn-9ybx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@1.2.3
aliases GMS-2015-93
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-56z1-xe5m-yugk
1
url VCID-9hvu-jc3r-jyd5
vulnerability_id VCID-9hvu-jc3r-jyd5
summary 
Privilege Escalation in TYPO3 Neos
It has been discovered that TYPO3 Neos is vulnerable to Privilege Escalation. Logged in editors could access, create and modify content nodes that exist in the workspace of other editors.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/neos/2015-03-28.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/neos/2015-03-28.yaml
1
reference_url https://www.neos.io/blog/neos-sa-2015-001.html
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.neos.io/blog/neos-sa-2015-001.html
2
reference_url https://github.com/advisories/GHSA-wr3c-6c22-m9v6
reference_id GHSA-wr3c-6c22-m9v6
reference_type
scores
url https://github.com/advisories/GHSA-wr3c-6c22-m9v6
fixed_packages
0
url pkg:composer/typo3/neos@1.1.3
purl pkg:composer/typo3/neos@1.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@1.1.3
1
url pkg:composer/typo3/neos@1.2.3
purl pkg:composer/typo3/neos@1.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-eyk1-hqju-cfc2
1
vulnerability VCID-kftp-w8kn-9ybx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@1.2.3
aliases GHSA-wr3c-6c22-m9v6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9hvu-jc3r-jyd5
2
url VCID-bh6n-n4s6-13gt
vulnerability_id VCID-bh6n-n4s6-13gt
summary It has been discovered that TYPO3 Neos is vulnerable to Privilege Escalation. Logged in editors could access, create and modify content nodes that exist in the workspace of other editors.
references
0
reference_url https://www.neos.io/blog/neos-sa-2015-001.html
reference_id
reference_type
scores
url https://www.neos.io/blog/neos-sa-2015-001.html
fixed_packages
0
url pkg:composer/typo3/neos@1.1.3
purl pkg:composer/typo3/neos@1.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@1.1.3
1
url pkg:composer/typo3/neos@1.2.3
purl pkg:composer/typo3/neos@1.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-eyk1-hqju-cfc2
1
vulnerability VCID-kftp-w8kn-9ybx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@1.2.3
aliases neos-sa-2015-001
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bh6n-n4s6-13gt
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@1.1.3