Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:composer/slim/slim@2.6.0

Type composer

Namespace slim

Name slim

Version 2.6.0

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3gne-9n9z-nffq

vulnerability_id VCID-3gne-9n9z-nffq

summary

PHP object injection attack in SessionCookie
Remote attackers can conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data.

references

reference_url	https://github.com/slimphp/Slim/issues/1034
reference_id
reference_type
scores
url	https://github.com/slimphp/Slim/issues/1034

reference_url	https://www.owasp.org/index.php/PHP_Object_Injection
reference_id
reference_type
scores
url	https://www.owasp.org/index.php/PHP_Object_Injection

reference_url	https://www.slimframework.com/2015/03/01/version-260.html
reference_id
reference_type
scores
url	https://www.slimframework.com/2015/03/01/version-260.html

fixed_packages

url	pkg:composer/slim/slim@2.6.0
purl	pkg:composer/slim/slim@2.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/slim/slim@2.6.0

aliases CVE-2015-2171

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gne-9n9z-nffq

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/slim/slim@2.6.0

Package Instance