Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/zendframework/zend-http@2.3.8
Typecomposer
Namespacezendframework
Namezend-http
Version2.3.8
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.8.1
Latest_non_vulnerable_version2.8.1
Affected_by_vulnerabilities
0
url VCID-wz4g-j8zt-ruff
vulnerability_id VCID-wz4g-j8zt-ruff
summary 
URL Redirection to Untrusted Site (Open Redirect)
URL Rewrite vulnerability.
references
0
reference_url https://framework.zend.com/security/advisory/ZF2018-01
reference_id
reference_type
scores
url https://framework.zend.com/security/advisory/ZF2018-01
fixed_packages
0
url pkg:composer/zendframework/zend-http@2.8.1
purl pkg:composer/zendframework/zend-http@2.8.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-http@2.8.1
aliases ZF2018-01
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wz4g-j8zt-ruff
Fixing_vulnerabilities
0
url VCID-5bm4-grk6-w7hk
vulnerability_id VCID-5bm4-grk6-w7hk
summary 
CRLF Injection
Potential CRLF injection attacks in mail and HTTP headers.
references
0
reference_url http://framework.zend.com/security/advisory/ZF2015-04
reference_id
reference_type
scores
url http://framework.zend.com/security/advisory/ZF2015-04
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3154
reference_id
reference_type
scores
0
value 0.00274
scoring_system epss
scoring_elements 0.51029
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3154
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2681
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2682
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2683
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2683
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2684
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2685
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4914
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8088
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8088
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8089
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8089
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3154
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3154
11
reference_url https://framework.zend.com/security/advisory/ZF2015-04
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://framework.zend.com/security/advisory/ZF2015-04
12
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework1/CVE-2015-3154.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework1/CVE-2015-3154.yaml
13
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework/CVE-2015-3154.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework/CVE-2015-3154.yaml
14
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zend-http/CVE-2015-3154.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zend-http/CVE-2015-3154.yaml
15
reference_url https://github.com/zendframework/zendframework
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/zendframework/zendframework
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-3154
reference_id CVE-2015-3154
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-3154
fixed_packages
0
url pkg:composer/zendframework/zend-http@1.12.12
purl pkg:composer/zendframework/zend-http@1.12.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-http@1.12.12
1
url pkg:composer/zendframework/zend-http@2.2.0rc1
purl pkg:composer/zendframework/zend-http@2.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wz4g-j8zt-ruff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-http@2.2.0rc1
2
url pkg:composer/zendframework/zend-http@2.2.0
purl pkg:composer/zendframework/zend-http@2.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wz4g-j8zt-ruff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-http@2.2.0
3
url pkg:composer/zendframework/zend-http@2.3.8
purl pkg:composer/zendframework/zend-http@2.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wz4g-j8zt-ruff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-http@2.3.8
4
url pkg:composer/zendframework/zend-http@2.4.0rc1
purl pkg:composer/zendframework/zend-http@2.4.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wz4g-j8zt-ruff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-http@2.4.0rc1
5
url pkg:composer/zendframework/zend-http@2.4.1
purl pkg:composer/zendframework/zend-http@2.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wz4g-j8zt-ruff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-http@2.4.1
6
url pkg:composer/zendframework/zend-http@2.4.2
purl pkg:composer/zendframework/zend-http@2.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wz4g-j8zt-ruff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-http@2.4.2
aliases CVE-2015-3154, GHSA-5957-5crx-79jx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bm4-grk6-w7hk
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-http@2.3.8