Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:composer/zendframework/zend-cache@2.5.0

Type composer

Namespace zendframework

Name zend-cache

Version 2.5.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.4.8

Latest_non_vulnerable_version 2.5.3

Affected_by_vulnerabilities

url VCID-q74z-645k-c7dk

vulnerability_id VCID-q74z-645k-c7dk

summary

Security Misconfiguration Vulnerability
Doctrine uses `mkdir($cacheDirectory )` to create caches directories. if your application runs with a umask of

references

reference_url	http://framework.zend.com/security/advisory/ZF2015-07
reference_id
reference_type
scores
url	http://framework.zend.com/security/advisory/ZF2015-07

reference_url	https://github.com/aws/aws-sdk-php/releases/tag/3.2.1
reference_id
reference_type
scores
url	https://github.com/aws/aws-sdk-php/releases/tag/3.2.1

reference_url	https://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html
reference_id
reference_type
scores
url	https://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html

reference_url	http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-5723
reference_id
reference_type
scores
url	http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-5723

reference_url	http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html
reference_id
reference_type
scores
url	http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html

fixed_packages

url	pkg:composer/zendframework/zend-cache@2.5.3
purl	pkg:composer/zendframework/zend-cache@2.5.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-cache@2.5.3

aliases CVE-2015-5723

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q74z-645k-c7dk

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-cache@2.5.0

Package Instance