Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/pimcore/pimcore@10.5.20
Typecomposer
Namespacepimcore
Namepimcore
Version10.5.20
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version10.5.21
Latest_non_vulnerable_version12.3.3
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-29a6-htj3-z3dr
vulnerability_id VCID-29a6-htj3-z3dr
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20.
references
0
reference_url https://github.com/pimcore/pimcore/commit/2b997737dd6a60be2239a51dd6d9ef5881568e6d
reference_id
reference_type
scores
url https://github.com/pimcore/pimcore/commit/2b997737dd6a60be2239a51dd6d9ef5881568e6d
1
reference_url https://huntr.dev/bounties/d8a47f29-3297-4fce-b534-e1d95a2b3e19
reference_id
reference_type
scores
url https://huntr.dev/bounties/d8a47f29-3297-4fce-b534-e1d95a2b3e19
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-1702
reference_id CVE-2023-1702
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-1702
3
reference_url https://github.com/advisories/GHSA-69fc-v223-6rjw
reference_id GHSA-69fc-v223-6rjw
reference_type
scores
url https://github.com/advisories/GHSA-69fc-v223-6rjw
fixed_packages
0
url pkg:composer/pimcore/pimcore@10.5.20
purl pkg:composer/pimcore/pimcore@10.5.20
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.20
aliases CVE-2023-1702, GHSA-69fc-v223-6rjw
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29a6-htj3-z3dr
1
url VCID-c2ht-41t3-eqaq
vulnerability_id VCID-c2ht-41t3-eqaq
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.20.
references
0
reference_url https://github.com/pimcore/pimcore/commit/295f5e8d108b68198e36399bea0f69598eb108a0
reference_id
reference_type
scores
url https://github.com/pimcore/pimcore/commit/295f5e8d108b68198e36399bea0f69598eb108a0
1
reference_url https://huntr.dev/bounties/84419c7b-ae29-401b-bdfd-5d0c498d320f
reference_id
reference_type
scores
url https://huntr.dev/bounties/84419c7b-ae29-401b-bdfd-5d0c498d320f
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-1704
reference_id CVE-2023-1704
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-1704
3
reference_url https://github.com/advisories/GHSA-rp78-4562-gx3c
reference_id GHSA-rp78-4562-gx3c
reference_type
scores
url https://github.com/advisories/GHSA-rp78-4562-gx3c
fixed_packages
0
url pkg:composer/pimcore/pimcore@10.5.20
purl pkg:composer/pimcore/pimcore@10.5.20
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.20
aliases CVE-2023-1704, GHSA-rp78-4562-gx3c
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2ht-41t3-eqaq
2
url VCID-tn1v-4yx7-8uat
vulnerability_id VCID-tn1v-4yx7-8uat
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.20.
references
0
reference_url https://github.com/pimcore/pimcore/commit/2b997737dd6a60be2239a51dd6d9ef5881568e6d
reference_id
reference_type
scores
url https://github.com/pimcore/pimcore/commit/2b997737dd6a60be2239a51dd6d9ef5881568e6d
1
reference_url https://huntr.dev/bounties/64f943c4-68e5-4ef8-82f6-9c4abe928256
reference_id
reference_type
scores
url https://huntr.dev/bounties/64f943c4-68e5-4ef8-82f6-9c4abe928256
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-1701
reference_id CVE-2023-1701
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-1701
3
reference_url https://github.com/advisories/GHSA-6mmf-qm37-pmgg
reference_id GHSA-6mmf-qm37-pmgg
reference_type
scores
url https://github.com/advisories/GHSA-6mmf-qm37-pmgg
fixed_packages
0
url pkg:composer/pimcore/pimcore@10.5.20
purl pkg:composer/pimcore/pimcore@10.5.20
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.20
aliases CVE-2023-1701, GHSA-6mmf-qm37-pmgg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tn1v-4yx7-8uat
3
url VCID-upjh-4jdt-xbgd
vulnerability_id VCID-upjh-4jdt-xbgd
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20.
references
0
reference_url https://github.com/pimcore/pimcore/commit/765832f0dc5f6cfb296a82e089b701066f27bcef
reference_id
reference_type
scores
url https://github.com/pimcore/pimcore/commit/765832f0dc5f6cfb296a82e089b701066f27bcef
1
reference_url https://huntr.dev/bounties/d12d105c-18fa-4d08-b591-b0e89e39eec1
reference_id
reference_type
scores
url https://huntr.dev/bounties/d12d105c-18fa-4d08-b591-b0e89e39eec1
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-1703
reference_id CVE-2023-1703
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-1703
3
reference_url https://github.com/advisories/GHSA-3r5c-h7g6-cqw7
reference_id GHSA-3r5c-h7g6-cqw7
reference_type
scores
url https://github.com/advisories/GHSA-3r5c-h7g6-cqw7
fixed_packages
0
url pkg:composer/pimcore/pimcore@10.5.20
purl pkg:composer/pimcore/pimcore@10.5.20
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.20
aliases CVE-2023-1703, GHSA-3r5c-h7g6-cqw7
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-upjh-4jdt-xbgd
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.20