Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/composer/composer@2.6.5
Typecomposer
Namespacecomposer
Namecomposer
Version2.6.5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.9.6
Latest_non_vulnerable_version2.10.0-RC1
Affected_by_vulnerabilities
0
url VCID-58ua-fyne-u7fj
vulnerability_id VCID-58ua-fyne-u7fj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-35241
reference_id
reference_type
scores
0
value 0.0043
scoring_system epss
scoring_elements 0.62983
published_at 2026-06-11T12:55:00Z
1
value 0.0043
scoring_system epss
scoring_elements 0.63097
published_at 2026-06-13T12:55:00Z
2
value 0.0043
scoring_system epss
scoring_elements 0.63085
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-35241
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35241
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35242
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073125
reference_id 1073125
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073125
7
reference_url https://github.com/composer/composer/commit/b93fc6ca437da35ae73d667d0618749c763b67d4
reference_id b93fc6ca437da35ae73d667d0618749c763b67d4
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T20:42:58Z/
url https://github.com/composer/composer/commit/b93fc6ca437da35ae73d667d0618749c763b67d4
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-35241
reference_id CVE-2024-35241
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-35241
9
reference_url https://www.vicarius.io/vsociety/posts/cve-2024-35241-detect-composer-vulnerability
reference_id CVE-2024-35241-DETECT-COMPOSER-VULNERABILITY
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2024-35241-detect-composer-vulnerability
10
reference_url https://www.vicarius.io/vsociety/posts/cve-2024-35241-mitigate-vulnerable-composer
reference_id CVE-2024-35241-MITIGATE-VULNERABLE-COMPOSER
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2024-35241-mitigate-vulnerable-composer
11
reference_url https://github.com/composer/composer/commit/ee28354ca8d33c15949ad7de2ce6656ba3f68704
reference_id ee28354ca8d33c15949ad7de2ce6656ba3f68704
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T20:42:58Z/
url https://github.com/composer/composer/commit/ee28354ca8d33c15949ad7de2ce6656ba3f68704
12
reference_url https://github.com/advisories/GHSA-47f6-5gq3-vx9c
reference_id GHSA-47f6-5gq3-vx9c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-47f6-5gq3-vx9c
13
reference_url https://github.com/composer/composer/security/advisories/GHSA-47f6-5gq3-vx9c
reference_id GHSA-47f6-5gq3-vx9c
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T20:42:58Z/
url https://github.com/composer/composer/security/advisories/GHSA-47f6-5gq3-vx9c
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC/
reference_id PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T20:42:58Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC/
15
reference_url https://usn.ubuntu.com/7603-1/
reference_id USN-7603-1
reference_type
scores
url https://usn.ubuntu.com/7603-1/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC/
reference_id VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T20:42:58Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC/
fixed_packages
0
url pkg:composer/composer/composer@2.7.7
purl pkg:composer/composer/composer@2.7.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a5f8-n9d2-eqff
1
vulnerability VCID-byja-84wd-bbep
2
vulnerability VCID-cp3v-jxnh-tug6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/composer/composer@2.7.7
aliases CVE-2024-35241, GHSA-47f6-5gq3-vx9c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-58ua-fyne-u7fj
1
url VCID-a5f8-n9d2-eqff
vulnerability_id VCID-a5f8-n9d2-eqff
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40176.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40176.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-40176
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05593
published_at 2026-06-11T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05614
published_at 2026-06-13T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.0562
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-40176
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40176
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40176
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/composer/composer/CVE-2026-40176.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/composer/composer/CVE-2026-40176.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-40176
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-40176
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458828
reference_id 2458828
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458828
7
reference_url https://github.com/composer/composer/releases/tag/2.9.6
reference_id 2.9.6
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:16:01Z/
url https://github.com/composer/composer/releases/tag/2.9.6
8
reference_url https://github.com/advisories/GHSA-wg36-wvj6-r67p
reference_id GHSA-wg36-wvj6-r67p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wg36-wvj6-r67p
9
reference_url https://github.com/composer/composer/security/advisories/GHSA-wg36-wvj6-r67p
reference_id GHSA-wg36-wvj6-r67p
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:16:01Z/
url https://github.com/composer/composer/security/advisories/GHSA-wg36-wvj6-r67p
10
reference_url https://access.redhat.com/errata/RHSA-2026:8165
reference_id RHSA-2026:8165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8165
fixed_packages
0
url pkg:composer/composer/composer@2.9.6
purl pkg:composer/composer/composer@2.9.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/composer/composer@2.9.6
1
url pkg:composer/composer/composer@2.10.0-RC1
purl pkg:composer/composer/composer@2.10.0-RC1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/composer/composer@2.10.0-RC1
aliases CVE-2026-40176, GHSA-wg36-wvj6-r67p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a5f8-n9d2-eqff
2
url VCID-byja-84wd-bbep
vulnerability_id VCID-byja-84wd-bbep
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40261.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40261.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-40261
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.13004
published_at 2026-06-11T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.13108
published_at 2026-06-13T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.131
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-40261
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40261
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40261
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/composer/composer/CVE-2026-40261.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/composer/composer/CVE-2026-40261.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-40261
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-40261
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458841
reference_id 2458841
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458841
7
reference_url https://github.com/composer/composer/releases/tag/2.9.6
reference_id 2.9.6
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T13:41:03Z/
url https://github.com/composer/composer/releases/tag/2.9.6
8
reference_url https://github.com/advisories/GHSA-gqw4-4w2p-838q
reference_id GHSA-gqw4-4w2p-838q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gqw4-4w2p-838q
9
reference_url https://github.com/composer/composer/security/advisories/GHSA-gqw4-4w2p-838q
reference_id GHSA-gqw4-4w2p-838q
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T13:41:03Z/
url https://github.com/composer/composer/security/advisories/GHSA-gqw4-4w2p-838q
10
reference_url https://access.redhat.com/errata/RHSA-2026:8165
reference_id RHSA-2026:8165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8165
fixed_packages
0
url pkg:composer/composer/composer@2.9.6
purl pkg:composer/composer/composer@2.9.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/composer/composer@2.9.6
1
url pkg:composer/composer/composer@2.10.0-RC1
purl pkg:composer/composer/composer@2.10.0-RC1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/composer/composer@2.10.0-RC1
aliases CVE-2026-40261, GHSA-gqw4-4w2p-838q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-byja-84wd-bbep
3
url VCID-cp3v-jxnh-tug6
vulnerability_id VCID-cp3v-jxnh-tug6
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67746.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67746.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-67746
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07317
published_at 2026-06-11T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.07353
published_at 2026-06-13T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.0736
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-67746
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67746
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/composer/composer/commit/1d40a95c9d39a6b7f80d404ab30336c586da9917
reference_id 1d40a95c9d39a6b7f80d404ab30336c586da9917
reference_type
scores
0
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
1
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-30T17:17:14Z/
url https://github.com/composer/composer/commit/1d40a95c9d39a6b7f80d404ab30336c586da9917
5
reference_url https://github.com/composer/composer/releases/tag/2.2.26
reference_id 2.2.26
reference_type
scores
0
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
1
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-30T17:17:14Z/
url https://github.com/composer/composer/releases/tag/2.2.26
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2426283
reference_id 2426283
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2426283
7
reference_url https://github.com/composer/composer/releases/tag/2.9.3
reference_id 2.9.3
reference_type
scores
0
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
1
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-30T17:17:14Z/
url https://github.com/composer/composer/releases/tag/2.9.3
8
reference_url https://github.com/composer/composer/commit/5db1876a76fdef76d3c4f8a27995c434c7a43e71
reference_id 5db1876a76fdef76d3c4f8a27995c434c7a43e71
reference_type
scores
0
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
1
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-30T17:17:14Z/
url https://github.com/composer/composer/commit/5db1876a76fdef76d3c4f8a27995c434c7a43e71
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-67746
reference_id CVE-2025-67746
reference_type
scores
0
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-67746
10
reference_url https://github.com/advisories/GHSA-59pp-r3rg-353g
reference_id GHSA-59pp-r3rg-353g
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-59pp-r3rg-353g
11
reference_url https://github.com/composer/composer/security/advisories/GHSA-59pp-r3rg-353g
reference_id GHSA-59pp-r3rg-353g
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
2
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-30T17:17:14Z/
url https://github.com/composer/composer/security/advisories/GHSA-59pp-r3rg-353g
12
reference_url https://access.redhat.com/errata/RHSA-2026:8165
reference_id RHSA-2026:8165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8165
fixed_packages
0
url pkg:composer/composer/composer@2.9.3
purl pkg:composer/composer/composer@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a5f8-n9d2-eqff
1
vulnerability VCID-byja-84wd-bbep
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/composer/composer@2.9.3
aliases CVE-2025-67746, GHSA-59pp-r3rg-353g
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cp3v-jxnh-tug6
4
url VCID-msjj-w941-33aj
vulnerability_id VCID-msjj-w941-33aj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-24821
reference_id
reference_type
scores
0
value 0.00128
scoring_system epss
scoring_elements 0.31815
published_at 2026-06-11T12:55:00Z
1
value 0.00128
scoring_system epss
scoring_elements 0.32017
published_at 2026-06-13T12:55:00Z
2
value 0.00128
scoring_system epss
scoring_elements 0.32001
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-24821
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24821
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24821
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/composer/composer/commit/77e3982918bc1d886843dc3d5e575e7e871b27b7
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/composer/composer/commit/77e3982918bc1d886843dc3d5e575e7e871b27b7
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063603
reference_id 1063603
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063603
5
reference_url https://github.com/composer/composer/commit/64e4eb356b159a30c766cd1ea83450a38dc23bf5
reference_id 64e4eb356b159a30c766cd1ea83450a38dc23bf5
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-11T18:11:46Z/
url https://github.com/composer/composer/commit/64e4eb356b159a30c766cd1ea83450a38dc23bf5
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-24821
reference_id CVE-2024-24821
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-24821
7
reference_url https://github.com/advisories/GHSA-7c6p-848j-wh5h
reference_id GHSA-7c6p-848j-wh5h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7c6p-848j-wh5h
8
reference_url https://github.com/composer/composer/security/advisories/GHSA-7c6p-848j-wh5h
reference_id GHSA-7c6p-848j-wh5h
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-11T18:11:46Z/
url https://github.com/composer/composer/security/advisories/GHSA-7c6p-848j-wh5h
9
reference_url https://usn.ubuntu.com/7603-1/
reference_id USN-7603-1
reference_type
scores
url https://usn.ubuntu.com/7603-1/
fixed_packages
0
url pkg:composer/composer/composer@2.7.0
purl pkg:composer/composer/composer@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-58ua-fyne-u7fj
1
vulnerability VCID-a5f8-n9d2-eqff
2
vulnerability VCID-byja-84wd-bbep
3
vulnerability VCID-cp3v-jxnh-tug6
4
vulnerability VCID-nfz6-bse5-xyen
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/composer/composer@2.7.0
aliases CVE-2024-24821, GHSA-7c6p-848j-wh5h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-msjj-w941-33aj
5
url VCID-nfz6-bse5-xyen
vulnerability_id VCID-nfz6-bse5-xyen
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-35242
reference_id
reference_type
scores
0
value 0.23787
scoring_system epss
scoring_elements 0.96144
published_at 2026-06-13T12:55:00Z
1
value 0.23787
scoring_system epss
scoring_elements 0.9613
published_at 2026-06-11T12:55:00Z
2
value 0.23787
scoring_system epss
scoring_elements 0.96141
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-35242
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35241
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35242
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073126
reference_id 1073126
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073126
7
reference_url https://github.com/composer/composer/commit/6bd43dff859c597c09bd03a7e7d6443822d0a396
reference_id 6bd43dff859c597c09bd03a7e7d6443822d0a396
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T20:44:05Z/
url https://github.com/composer/composer/commit/6bd43dff859c597c09bd03a7e7d6443822d0a396
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-35242
reference_id CVE-2024-35242
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-35242
9
reference_url https://github.com/composer/composer/commit/fc57b93603d7d90b71ca8ec77b1c8a9171fdb467
reference_id fc57b93603d7d90b71ca8ec77b1c8a9171fdb467
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T20:44:05Z/
url https://github.com/composer/composer/commit/fc57b93603d7d90b71ca8ec77b1c8a9171fdb467
10
reference_url https://github.com/advisories/GHSA-v9qv-c7wm-wgmf
reference_id GHSA-v9qv-c7wm-wgmf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v9qv-c7wm-wgmf
11
reference_url https://github.com/composer/composer/security/advisories/GHSA-v9qv-c7wm-wgmf
reference_id GHSA-v9qv-c7wm-wgmf
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T20:44:05Z/
url https://github.com/composer/composer/security/advisories/GHSA-v9qv-c7wm-wgmf
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC/
reference_id PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T20:44:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC/
13
reference_url https://usn.ubuntu.com/7603-1/
reference_id USN-7603-1
reference_type
scores
url https://usn.ubuntu.com/7603-1/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC/
reference_id VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T20:44:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC/
fixed_packages
0
url pkg:composer/composer/composer@2.7.7
purl pkg:composer/composer/composer@2.7.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a5f8-n9d2-eqff
1
vulnerability VCID-byja-84wd-bbep
2
vulnerability VCID-cp3v-jxnh-tug6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/composer/composer@2.7.7
aliases CVE-2024-35242, GHSA-v9qv-c7wm-wgmf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nfz6-bse5-xyen
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/composer/composer@2.6.5