Django REST framework
Api Root
Package List
Package Instance
Format
json
api
admin
Package Instance
Lookup for vulnerable packages by Package URL.
Purl
pkg:composer/neos/flow@2.3.0
Type
composer
Namespace
neos
Name
flow
Version
2.3.0
Qualifiers
Subpath
Is_vulnerable
true
Next_non_vulnerable_version
2.3.7
Latest_non_vulnerable_version
4.0.6
Affected_by_vulnerabilities
0
url
VCID-a5ed-3zde-1bh2
vulnerability_id
VCID-a5ed-3zde-1bh2
summary
Neos Flow Arbitrary file upload and XML External Entity processing
references
0
reference_url
https://github.com/FriendsOfPHP/security-advisories/blob/master/neos/flow/2015-11-23.yaml
reference_id
reference_type
scores
url
https://github.com/FriendsOfPHP/security-advisories/blob/master/neos/flow/2015-11-23.yaml
1
reference_url
https://www.neos.io/blog/flow-sa-2015-001.html
reference_id
reference_type
scores
url
https://www.neos.io/blog/flow-sa-2015-001.html
2
reference_url
https://github.com/advisories/GHSA-5vv7-j593-mgjc
reference_id
GHSA-5vv7-j593-mgjc
reference_type
scores
0
value
MODERATE
scoring_system
cvssv3.1_qr
scoring_elements
url
https://github.com/advisories/GHSA-5vv7-j593-mgjc
fixed_packages
0
url
pkg:composer/neos/flow@2.3.7
purl
pkg:composer/neos/flow@2.3.7
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:composer/neos/flow@2.3.7
1
url
pkg:composer/neos/flow@3.0.1
purl
pkg:composer/neos/flow@3.0.1
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:composer/neos/flow@3.0.1
aliases
GHSA-5vv7-j593-mgjc
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-a5ed-3zde-1bh2
1
url
VCID-uqt2-tazg-tucp
vulnerability_id
VCID-uqt2-tazg-tucp
summary
Time-Based Information Disclosure Vulnerability in Flow
references
0
reference_url
https://github.com/FriendsOfPHP/security-advisories/blob/master/neos/flow/2016-11-01.yaml
reference_id
reference_type
scores
url
https://github.com/FriendsOfPHP/security-advisories/blob/master/neos/flow/2016-11-01.yaml
1
reference_url
https://www.neos.io/blog/flow-sa-2016-001.html
reference_id
reference_type
scores
url
https://www.neos.io/blog/flow-sa-2016-001.html
2
reference_url
https://github.com/advisories/GHSA-6pq8-67pw-j6hw
reference_id
GHSA-6pq8-67pw-j6hw
reference_type
scores
0
value
MODERATE
scoring_system
cvssv3.1_qr
scoring_elements
url
https://github.com/advisories/GHSA-6pq8-67pw-j6hw
fixed_packages
0
url
pkg:composer/neos/flow@2.3.16
purl
pkg:composer/neos/flow@2.3.16
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:composer/neos/flow@2.3.16
1
url
pkg:composer/neos/flow@3.0.10
purl
pkg:composer/neos/flow@3.0.10
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:composer/neos/flow@3.0.10
2
url
pkg:composer/neos/flow@3.1.7
purl
pkg:composer/neos/flow@3.1.7
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:composer/neos/flow@3.1.7
3
url
pkg:composer/neos/flow@3.2.7
purl
pkg:composer/neos/flow@3.2.7
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:composer/neos/flow@3.2.7
4
url
pkg:composer/neos/flow@3.3.5
purl
pkg:composer/neos/flow@3.3.5
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:composer/neos/flow@3.3.5
aliases
GHSA-6pq8-67pw-j6hw
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-uqt2-tazg-tucp
Fixing_vulnerabilities
Risk_score
null
Resource_url
http://public2.vulnerablecode.io/packages/pkg:composer/neos/flow@2.3.0
×
Create
None
×
Edit
None