Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/cakephp/cakephp@3.7.7
Typecomposer
Namespacecakephp
Namecakephp
Version3.7.7
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.10.3
Latest_non_vulnerable_version5.3.1
Affected_by_vulnerabilities
0
url VCID-cp8q-ar71-mqdf
vulnerability_id VCID-cp8q-ar71-mqdf
summary 
Cross-Site Request Forgery (CSRF)
CakePHP mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15400
reference_id
reference_type
scores
0
value 0.00085
scoring_system epss
scoring_elements 0.24611
published_at 2026-06-08T12:55:00Z
1
value 0.00085
scoring_system epss
scoring_elements 0.24635
published_at 2026-06-04T12:55:00Z
2
value 0.00085
scoring_system epss
scoring_elements 0.24735
published_at 2026-06-05T12:55:00Z
3
value 0.00085
scoring_system epss
scoring_elements 0.24725
published_at 2026-06-06T12:55:00Z
4
value 0.00085
scoring_system epss
scoring_elements 0.24669
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15400
1
reference_url https://bakery.cakephp.org/2020/04/18/cakephp_406_released.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bakery.cakephp.org/2020/04/18/cakephp_406_released.html
2
reference_url https://bakery.cakephp.org/2022/05/08/cakephp_3103_released.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bakery.cakephp.org/2022/05/08/cakephp_3103_released.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15400
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985673
reference_id 985673
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985673
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-15400
reference_id CVE-2020-15400
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-15400
6
reference_url https://github.com/advisories/GHSA-j33j-fg2g-mcv2
reference_id GHSA-j33j-fg2g-mcv2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j33j-fg2g-mcv2
fixed_packages
0
url pkg:composer/cakephp/cakephp@3.10.3
purl pkg:composer/cakephp/cakephp@3.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.10.3
1
url pkg:composer/cakephp/cakephp@4.0.6
purl pkg:composer/cakephp/cakephp@4.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-xsdu-qsw4-ebaz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@4.0.6
aliases CVE-2020-15400, GHSA-j33j-fg2g-mcv2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cp8q-ar71-mqdf
Fixing_vulnerabilities
0
url VCID-dha1-eyc9-7qff
vulnerability_id VCID-dha1-eyc9-7qff
summary 
Unsafe deserialization in SmtpTransport in CakePHP
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11458
reference_id
reference_type
scores
0
value 0.00527
scoring_system epss
scoring_elements 0.67391
published_at 2026-06-04T12:55:00Z
1
value 0.00527
scoring_system epss
scoring_elements 0.67411
published_at 2026-06-08T12:55:00Z
2
value 0.00527
scoring_system epss
scoring_elements 0.67428
published_at 2026-06-07T12:55:00Z
3
value 0.00527
scoring_system epss
scoring_elements 0.67439
published_at 2026-06-06T12:55:00Z
4
value 0.00527
scoring_system epss
scoring_elements 0.67432
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11458
1
reference_url https://bakery.cakephp.org/2019/04/23/cakephp_377_3615_3518_released.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bakery.cakephp.org/2019/04/23/cakephp_377_3615_3518_released.html
2
reference_url https://github.com/cakephp/cakephp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp
3
reference_url https://github.com/cakephp/cakephp/commit/1a74e798309192a9895c9cedabd714ceee345f4e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/commit/1a74e798309192a9895c9cedabd714ceee345f4e
4
reference_url https://github.com/cakephp/cakephp/commit/81412fbe2cb88a304dbeeece1955bc0aec98edb1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/commit/81412fbe2cb88a304dbeeece1955bc0aec98edb1
5
reference_url https://github.com/cakephp/cakephp/commit/c25b91bf7c72db43c01b47a634fd02112ff9f1cd
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/commit/c25b91bf7c72db43c01b47a634fd02112ff9f1cd
6
reference_url https://github.com/cakephp/cakephp/commits/master
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/commits/master
7
reference_url https://github.com/cakephp/cakephp/compare/3.7.6...3.7.7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/compare/3.7.6...3.7.7
8
reference_url https://github.com/cakephp/cakephp/releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/releases
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11458
reference_id CVE-2019-11458
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11458
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/CVE-2019-11458.yaml
reference_id CVE-2019-11458.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/CVE-2019-11458.yaml
11
reference_url https://github.com/advisories/GHSA-qhrx-hcm6-pmrw
reference_id GHSA-qhrx-hcm6-pmrw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qhrx-hcm6-pmrw
fixed_packages
0
url pkg:composer/cakephp/cakephp@3.5.18
purl pkg:composer/cakephp/cakephp@3.5.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cp8q-ar71-mqdf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.5.18
1
url pkg:composer/cakephp/cakephp@3.6.15
purl pkg:composer/cakephp/cakephp@3.6.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cp8q-ar71-mqdf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.6.15
2
url pkg:composer/cakephp/cakephp@3.7.7
purl pkg:composer/cakephp/cakephp@3.7.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cp8q-ar71-mqdf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.7.7
aliases CVE-2019-11458, GHSA-qhrx-hcm6-pmrw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dha1-eyc9-7qff
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.7.7