Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/Umbraco.CMS@13.5.2
Typenuget
Namespace
NameUmbraco.CMS
Version13.5.2
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version13.5.3
Latest_non_vulnerable_version17.2.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2cmy-5q87-5bgb
vulnerability_id VCID-2cmy-5q87-5bgb
summary 
Umbraco CMS logout page displayed before session expiration
The Backoffice displays the logout page with a session timeout message before the server session has fully expired, causing users to believe they have been logged out approximately 30 seconds before they actually are.
references
0
reference_url https://github.com/umbraco/Umbraco-CMS
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/umbraco/Umbraco-CMS
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-48926
reference_id CVE-2024-48926
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-48926
2
reference_url https://github.com/advisories/GHSA-fp6q-gccw-7qqm
reference_id GHSA-fp6q-gccw-7qqm
reference_type
scores
url https://github.com/advisories/GHSA-fp6q-gccw-7qqm
3
reference_url https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-fp6q-gccw-7qqm
reference_id GHSA-fp6q-gccw-7qqm
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-fp6q-gccw-7qqm
fixed_packages
0
url pkg:nuget/Umbraco.CMS@10.8.7
purl pkg:nuget/Umbraco.CMS@10.8.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Umbraco.CMS@10.8.7
1
url pkg:nuget/Umbraco.CMS@13.5.2
purl pkg:nuget/Umbraco.CMS@13.5.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Umbraco.CMS@13.5.2
aliases CVE-2024-48926, GHSA-fp6q-gccw-7qqm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2cmy-5q87-5bgb
1
url VCID-2hwx-v48x-4bav
vulnerability_id VCID-2hwx-v48x-4bav
summary 
Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out
During an explicit sign-out, the server session is not fully terminated.
references
0
reference_url https://github.com/umbraco/Umbraco-CMS
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/umbraco/Umbraco-CMS
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-48929
reference_id CVE-2024-48929
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-48929
2
reference_url https://github.com/advisories/GHSA-wxw9-6pv9-c3xc
reference_id GHSA-wxw9-6pv9-c3xc
reference_type
scores
url https://github.com/advisories/GHSA-wxw9-6pv9-c3xc
3
reference_url https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-wxw9-6pv9-c3xc
reference_id GHSA-wxw9-6pv9-c3xc
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-wxw9-6pv9-c3xc
fixed_packages
0
url pkg:nuget/Umbraco.CMS@10.8.7
purl pkg:nuget/Umbraco.CMS@10.8.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Umbraco.CMS@10.8.7
1
url pkg:nuget/Umbraco.CMS@13.5.2
purl pkg:nuget/Umbraco.CMS@13.5.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Umbraco.CMS@13.5.2
aliases CVE-2024-48929, GHSA-wxw9-6pv9-c3xc
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2hwx-v48x-4bav
2
url VCID-e5g9-xgrk-eqaf
vulnerability_id VCID-e5g9-xgrk-eqaf
summary 
Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice
There is a potential risk of code execution for Backoffice users when they “preview” SVG files in full screen mode.
references
0
reference_url https://github.com/umbraco/Umbraco-CMS
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/umbraco/Umbraco-CMS
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-48927
reference_id CVE-2024-48927
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-48927
2
reference_url https://github.com/advisories/GHSA-5955-cwv4-h7qh
reference_id GHSA-5955-cwv4-h7qh
reference_type
scores
url https://github.com/advisories/GHSA-5955-cwv4-h7qh
3
reference_url https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-5955-cwv4-h7qh
reference_id GHSA-5955-cwv4-h7qh
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-5955-cwv4-h7qh
fixed_packages
0
url pkg:nuget/Umbraco.CMS@10.8.7
purl pkg:nuget/Umbraco.CMS@10.8.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Umbraco.CMS@10.8.7
1
url pkg:nuget/Umbraco.CMS@13.5.2
purl pkg:nuget/Umbraco.CMS@13.5.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Umbraco.CMS@13.5.2
aliases CVE-2024-48927, GHSA-5955-cwv4-h7qh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e5g9-xgrk-eqaf
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/Umbraco.CMS@13.5.2