Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:composer/oro/platform@4.1.17

Type composer

Namespace oro

Name platform

Version 4.1.17

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.2.7

Latest_non_vulnerable_version 5.1.4

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-j1uw-vqqx-uuh2

vulnerability_id VCID-j1uw-vqqx-uuh2

summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in oro/platform.

references

reference_url	https://github.com/advisories/GHSA-rrgw-3hg3-9x8c
reference_id	GHSA-rrgw-3hg3-9x8c
reference_type
scores
url	https://github.com/advisories/GHSA-rrgw-3hg3-9x8c

reference_url	https://github.com/oroinc/platform-er/security/advisories/GHSA-rrgw-3hg3-9x8c
reference_id	GHSA-rrgw-3hg3-9x8c
reference_type
scores
url	https://github.com/oroinc/platform-er/security/advisories/GHSA-rrgw-3hg3-9x8c

fixed_packages

url	pkg:composer/oro/platform@3.1.29
purl	pkg:composer/oro/platform@3.1.29
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/oro/platform@3.1.29

url	pkg:composer/oro/platform@4.1.17
purl	pkg:composer/oro/platform@4.1.17
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/oro/platform@4.1.17

url	pkg:composer/oro/platform@4.2.8
purl	pkg:composer/oro/platform@4.2.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/oro/platform@4.2.8

aliases GHSA-rrgw-3hg3-9x8c, GMS-2022-24

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1uw-vqqx-uuh2

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/oro/platform@4.1.17

Package Instance