Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/62896?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/62896?format=api", "purl": "pkg:composer/typo3/cms@6.0.14", "type": "composer", "namespace": "typo3", "name": "cms", "version": "6.0.14", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "10.4.35", "latest_non_vulnerable_version": "12.2.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/111441?format=api", "vulnerability_id": "VCID-2f2m-tcjn-fyby", "summary": "Typo3 Vulnerable to Cache Poisoning\n**Problem Description:** A request URL with arbitrary arguments, but still pointing to the home page of a TYPO3 installation can be cached if the configuration option `config.prefixLocalAnchors` is used with the values \"all\" or \"cached\". The impact of this vulnerability is that unfamiliar looking links to the home page can end up in the cache, which leads to a reload of the page in the browser when section links are followed by web page visitors, instead of just directly jumping to the requested section of the page. TYPO3 versions 4.6.x and higher are only affected if the homepage is not a shortcut to a different page.\n\n**Solution:** Removing the configuration options `config.prefixLocalAnchors` (and optionally also config.baseUrl) in favor of `config.absRefPrefix`\n\n**Credits:** Thanks to Gernot Leitgab who discovered and reported the vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9509", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00633", "scoring_system": "epss", "scoring_elements": "0.70755", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00633", "scoring_system": "epss", "scoring_elements": "0.70797", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00633", "scoring_system": "epss", "scoring_elements": "0.70804", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00633", "scoring_system": "epss", "scoring_elements": "0.70787", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9509" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9509", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9509" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/" }, { "reference_url": "https://github.com/advisories/GHSA-5479-gqqr-f9gj", "reference_id": "GHSA-5479-gqqr-f9gj", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5479-gqqr-f9gj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/152638?format=api", "purl": "pkg:composer/typo3/cms@6.0.15", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/152640?format=api", "purl": "pkg:composer/typo3/cms@6.1.13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/52098?format=api", "purl": "pkg:composer/typo3/cms@6.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1efr-h9gq-r7h1" }, { "vulnerability": "VCID-1u4r-r97q-3yfk" }, { "vulnerability": "VCID-1usv-hs5c-akb2" }, { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-4wnp-gusy-43b8" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-5ppx-p8eq-mbgk" }, { "vulnerability": "VCID-5ru2-1n1f-afa4" }, { "vulnerability": "VCID-6su8-bbrw-hbhp" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-7n9x-c9gs-9yb3" }, { "vulnerability": "VCID-83y4-7q4j-h7f8" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-8vum-snng-jfcv" }, { "vulnerability": "VCID-95wn-6r9b-q7et" }, { "vulnerability": "VCID-9899-uxyb-73gg" }, { "vulnerability": "VCID-ansr-8m5j-pya6" }, { "vulnerability": "VCID-bstt-ybrs-5ua3" }, { "vulnerability": "VCID-c57c-akce-xufq" }, { "vulnerability": "VCID-cgqm-1wwf-kbg6" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dw8z-wtph-skey" }, { "vulnerability": "VCID-dwjk-7sqh-hqa8" }, { "vulnerability": "VCID-dyhd-5p1e-fya6" }, { "vulnerability": "VCID-e1gr-txgg-fqa6" }, { "vulnerability": "VCID-e1ms-4r4s-g7e7" }, { "vulnerability": "VCID-e2bk-pfbe-puek" }, { "vulnerability": "VCID-e82x-2cdb-7fgn" }, { "vulnerability": "VCID-ebku-sk43-m7bf" }, { "vulnerability": "VCID-ec17-eauu-67d3" }, { "vulnerability": "VCID-ekvp-u4kk-kqdd" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-exjy-5cyn-zfg1" }, { "vulnerability": "VCID-fgqa-5fx9-nkaz" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g7mm-vjbw-bbhd" }, { "vulnerability": "VCID-g9ns-sxkx-aqh1" }, { "vulnerability": "VCID-gbdn-7ce2-zuf7" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hm4k-wbq3-r7ej" }, { "vulnerability": "VCID-huxd-2e6q-abak" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-j6x1-dfre-2bdq" }, { "vulnerability": "VCID-jbkw-4x2d-fqcp" }, { "vulnerability": "VCID-jenc-czvj-g3gw" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jf28-91be-6kbr" }, { "vulnerability": "VCID-jmea-qzsr-wkf4" }, { "vulnerability": "VCID-jn38-wfec-7bb2" }, { "vulnerability": "VCID-kj76-rsr8-yqb3" }, { "vulnerability": "VCID-kp2p-nbmg-ufen" }, { "vulnerability": "VCID-kqu8-8c1n-73hr" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-n18b-qe5x-z7cj" }, { "vulnerability": "VCID-n326-yy8y-xuap" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-nqqc-nkwq-rqhx" }, { "vulnerability": "VCID-nvbp-pbjw-3qgx" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-q5f3-nhjn-hyb4" }, { "vulnerability": "VCID-qek9-g3h8-nfdz" }, { "vulnerability": "VCID-rae3-cugy-hbh5" }, { "vulnerability": "VCID-rs13-zf7b-mka7" }, { "vulnerability": "VCID-s4re-vww7-sugb" }, { "vulnerability": "VCID-s97a-nmk8-y3ay" }, { "vulnerability": "VCID-sdz8-hju8-4bcb" }, { "vulnerability": "VCID-sn8n-mawq-3uht" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u37d-tqqe-n7d4" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-u6h1-ccgw-jqds" }, { "vulnerability": "VCID-ub3e-hrb1-wqac" }, { "vulnerability": "VCID-v2qy-dbf2-bffn" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-w58p-3wg1-7ycr" }, { "vulnerability": "VCID-w65h-8a9d-ckgj" }, { "vulnerability": "VCID-wk4s-4bcd-2yb5" }, { "vulnerability": "VCID-wms8-dnuz-b3hc" }, { "vulnerability": "VCID-x175-xjek-97ds" }, { "vulnerability": "VCID-xpxg-qq49-b7fd" }, { "vulnerability": "VCID-xt7m-u9eb-fyd9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y1ap-y4az-x7ec" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-ys6f-g39p-fkfc" }, { "vulnerability": "VCID-zhvz-jzf3-2uac" }, { "vulnerability": "VCID-zru2-9g25-77dc" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" }, { "vulnerability": "VCID-zybp-mb3d-jyee" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/52099?format=api", "purl": "pkg:composer/typo3/cms@7.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1u4r-r97q-3yfk" }, { "vulnerability": "VCID-28fn-ncj5-2ufk" }, { "vulnerability": "VCID-2rhr-8vaz-hqfj" }, { "vulnerability": "VCID-2rmv-a83x-9ka8" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-5ru2-1n1f-afa4" }, { "vulnerability": "VCID-66kh-c1dm-8fbf" }, { "vulnerability": "VCID-7n9x-c9gs-9yb3" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9899-uxyb-73gg" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-ansr-8m5j-pya6" }, { "vulnerability": "VCID-c57c-akce-xufq" }, { "vulnerability": "VCID-cgqm-1wwf-kbg6" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-dwjk-7sqh-hqa8" }, { "vulnerability": "VCID-dyhd-5p1e-fya6" }, { "vulnerability": "VCID-e1gr-txgg-fqa6" }, { "vulnerability": "VCID-e1ms-4r4s-g7e7" }, { "vulnerability": "VCID-e2bk-pfbe-puek" }, { "vulnerability": "VCID-e82x-2cdb-7fgn" }, { "vulnerability": "VCID-ec17-eauu-67d3" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-gpv4-4tpd-tbaa" }, { "vulnerability": "VCID-hm4k-wbq3-r7ej" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hsw8-nbs6-auaa" }, { "vulnerability": "VCID-hyx9-8ae6-sba8" }, { "vulnerability": "VCID-j6x1-dfre-2bdq" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jwb1-3sbg-kfa5" }, { "vulnerability": "VCID-n18b-qe5x-z7cj" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-nqqc-nkwq-rqhx" }, { "vulnerability": "VCID-p576-w7dd-p3h7" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-q5f3-nhjn-hyb4" }, { "vulnerability": "VCID-qcnh-z4zh-myaw" }, { "vulnerability": "VCID-qek9-g3h8-nfdz" }, { "vulnerability": "VCID-rae3-cugy-hbh5" }, { "vulnerability": "VCID-rs13-zf7b-mka7" }, { "vulnerability": "VCID-teby-zvvw-zkhv" }, { "vulnerability": "VCID-tzpj-j3x1-ekgk" }, { "vulnerability": "VCID-u6h1-ccgw-jqds" }, { "vulnerability": "VCID-ub3e-hrb1-wqac" }, { "vulnerability": "VCID-uq77-aax5-k7d8" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-w65h-8a9d-ckgj" }, { "vulnerability": "VCID-wms8-dnuz-b3hc" }, { "vulnerability": "VCID-xvyu-2hb8-8ufh" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-ys6f-g39p-fkfc" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zru2-9g25-77dc" }, { "vulnerability": "VCID-zybp-mb3d-jyee" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.2" } ], "aliases": [ "CVE-2014-9509", "GHSA-5479-gqqr-f9gj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2f2m-tcjn-fyby" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.14" }