Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/appwrite/server-ce@1.2.1
Typecomposer
Namespaceappwrite
Nameserver-ce
Version1.2.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-dtju-jew3-3qgz
vulnerability_id VCID-dtju-jew3-3qgz
summary Appwrite up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /v1/avatars/favicon. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.
references
0
reference_url http://appwrite.com
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:08:46Z/
url http://appwrite.com
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-27159
reference_id
reference_type
scores
0
value 0.76972
scoring_system epss
scoring_elements 0.98981
published_at 2026-06-07T12:55:00Z
1
value 0.76972
scoring_system epss
scoring_elements 0.9898
published_at 2026-06-08T12:55:00Z
2
value 0.76972
scoring_system epss
scoring_elements 0.98983
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-27159
2
reference_url https://gist.github.com/b33t1e/43b26c31e895baf7e7aea2dbf9743a9a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:08:46Z/
url https://gist.github.com/b33t1e/43b26c31e895baf7e7aea2dbf9743a9a
3
reference_url https://gist.github.com/b33t1e/e9e8192317c111e7897e04d2f9bf5fdb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:08:46Z/
url https://gist.github.com/b33t1e/e9e8192317c111e7897e04d2f9bf5fdb
4
reference_url https://github.com/appwrite/appwrite
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:08:46Z/
url https://github.com/appwrite/appwrite
5
reference_url https://notes.sjtu.edu.cn/gMNlpByZSDiwrl9uZyHTKA
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:08:46Z/
url https://notes.sjtu.edu.cn/gMNlpByZSDiwrl9uZyHTKA
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-27159
reference_id CVE-2023-27159
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-27159
7
reference_url https://github.com/advisories/GHSA-hxgx-584x-vwm8
reference_id GHSA-hxgx-584x-vwm8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hxgx-584x-vwm8
fixed_packages
aliases CVE-2023-27159, GHSA-hxgx-584x-vwm8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dtju-jew3-3qgz
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/appwrite/server-ce@1.2.1