Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ks7b-f17t-dfd4
Summary
Code Injection in PHPUnit
Util/PHP/eval-stdin.php in PHPUnit starting with 4.8.19 and before 4.8.28, as well as 5.x before 5.6.3, allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a `<?php ` substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
Aliases
0
alias CVE-2017-9841
1
alias GHSA-r7c9-c69m-rph8
Fixed_packages
0
url pkg:alpm/archlinux/mediawiki@1.28.3-1
purl pkg:alpm/archlinux/mediawiki@1.28.3-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/mediawiki@1.28.3-1
1
url pkg:composer/phpunit/phpunit@4.8.28
purl pkg:composer/phpunit/phpunit@4.8.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.28
2
url pkg:composer/phpunit/phpunit@5.6.3
purl pkg:composer/phpunit/phpunit@5.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.6.3
3
url pkg:deb/debian/phpunit@5.4.6-2?distro=trixie
purl pkg:deb/debian/phpunit@5.4.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@5.4.6-2%3Fdistro=trixie
4
url pkg:deb/debian/phpunit@7.5.6-1
purl pkg:deb/debian/phpunit@7.5.6-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@7.5.6-1
5
url pkg:deb/debian/phpunit@9.5.2-1?distro=trixie
purl pkg:deb/debian/phpunit@9.5.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@9.5.2-1%3Fdistro=trixie
6
url pkg:deb/debian/phpunit@9.6.7-1?distro=trixie
purl pkg:deb/debian/phpunit@9.6.7-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@9.6.7-1%3Fdistro=trixie
7
url pkg:deb/debian/phpunit@11.5.19-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpunit@11.5.19-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@11.5.19-1%252Bdeb13u1%3Fdistro=trixie
8
url pkg:deb/debian/phpunit@13.0.0-2?distro=trixie
purl pkg:deb/debian/phpunit@13.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@13.0.0-2%3Fdistro=trixie
9
url pkg:deb/debian/phpunit@13.0.6-1?distro=trixie
purl pkg:deb/debian/phpunit@13.0.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@13.0.6-1%3Fdistro=trixie
10
url pkg:deb/debian/phpunit@13.0.6-2?distro=trixie
purl pkg:deb/debian/phpunit@13.0.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@13.0.6-2%3Fdistro=trixie
11
url pkg:ebuild/dev-php/phpunit@5.7.15-r1
purl pkg:ebuild/dev-php/phpunit@5.7.15-r1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-php/phpunit@5.7.15-r1
Affected_packages
0
url pkg:alpm/archlinux/mediawiki@1.28.2-1
purl pkg:alpm/archlinux/mediawiki@1.28.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/mediawiki@1.28.2-1
1
url pkg:composer/phpunit/phpunit@4.8.19
purl pkg:composer/phpunit/phpunit@4.8.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.19
2
url pkg:composer/phpunit/phpunit@4.8.20
purl pkg:composer/phpunit/phpunit@4.8.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.20
3
url pkg:composer/phpunit/phpunit@4.8.21
purl pkg:composer/phpunit/phpunit@4.8.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.21
4
url pkg:composer/phpunit/phpunit@4.8.22
purl pkg:composer/phpunit/phpunit@4.8.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.22
5
url pkg:composer/phpunit/phpunit@4.8.23
purl pkg:composer/phpunit/phpunit@4.8.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.23
6
url pkg:composer/phpunit/phpunit@4.8.24
purl pkg:composer/phpunit/phpunit@4.8.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.24
7
url pkg:composer/phpunit/phpunit@4.8.25
purl pkg:composer/phpunit/phpunit@4.8.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.25
8
url pkg:composer/phpunit/phpunit@4.8.26
purl pkg:composer/phpunit/phpunit@4.8.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.26
9
url pkg:composer/phpunit/phpunit@4.8.27
purl pkg:composer/phpunit/phpunit@4.8.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.27
10
url pkg:composer/phpunit/phpunit@5.0.10
purl pkg:composer/phpunit/phpunit@5.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.0.10
11
url pkg:composer/phpunit/phpunit@5.1.0
purl pkg:composer/phpunit/phpunit@5.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.0
12
url pkg:composer/phpunit/phpunit@5.1.1
purl pkg:composer/phpunit/phpunit@5.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.1
13
url pkg:composer/phpunit/phpunit@5.1.2
purl pkg:composer/phpunit/phpunit@5.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.2
14
url pkg:composer/phpunit/phpunit@5.1.3
purl pkg:composer/phpunit/phpunit@5.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.3
15
url pkg:composer/phpunit/phpunit@5.1.4
purl pkg:composer/phpunit/phpunit@5.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.4
16
url pkg:composer/phpunit/phpunit@5.1.5
purl pkg:composer/phpunit/phpunit@5.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.5
17
url pkg:composer/phpunit/phpunit@5.1.6
purl pkg:composer/phpunit/phpunit@5.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.6
18
url pkg:composer/phpunit/phpunit@5.1.7
purl pkg:composer/phpunit/phpunit@5.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.7
19
url pkg:composer/phpunit/phpunit@5.2.0
purl pkg:composer/phpunit/phpunit@5.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.0
20
url pkg:composer/phpunit/phpunit@5.2.1
purl pkg:composer/phpunit/phpunit@5.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.1
21
url pkg:composer/phpunit/phpunit@5.2.2
purl pkg:composer/phpunit/phpunit@5.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.2
22
url pkg:composer/phpunit/phpunit@5.2.3
purl pkg:composer/phpunit/phpunit@5.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.3
23
url pkg:composer/phpunit/phpunit@5.2.4
purl pkg:composer/phpunit/phpunit@5.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.4
24
url pkg:composer/phpunit/phpunit@5.2.5
purl pkg:composer/phpunit/phpunit@5.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.5
25
url pkg:composer/phpunit/phpunit@5.2.6
purl pkg:composer/phpunit/phpunit@5.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.6
26
url pkg:composer/phpunit/phpunit@5.2.7
purl pkg:composer/phpunit/phpunit@5.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.7
27
url pkg:composer/phpunit/phpunit@5.2.8
purl pkg:composer/phpunit/phpunit@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.8
28
url pkg:composer/phpunit/phpunit@5.2.9
purl pkg:composer/phpunit/phpunit@5.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.9
29
url pkg:composer/phpunit/phpunit@5.2.10
purl pkg:composer/phpunit/phpunit@5.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.10
30
url pkg:composer/phpunit/phpunit@5.2.11
purl pkg:composer/phpunit/phpunit@5.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.11
31
url pkg:composer/phpunit/phpunit@5.2.12
purl pkg:composer/phpunit/phpunit@5.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.12
32
url pkg:composer/phpunit/phpunit@5.3.0
purl pkg:composer/phpunit/phpunit@5.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.0
33
url pkg:composer/phpunit/phpunit@5.3.1
purl pkg:composer/phpunit/phpunit@5.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.1
34
url pkg:composer/phpunit/phpunit@5.3.2
purl pkg:composer/phpunit/phpunit@5.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.2
35
url pkg:composer/phpunit/phpunit@5.3.3
purl pkg:composer/phpunit/phpunit@5.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.3
36
url pkg:composer/phpunit/phpunit@5.3.4
purl pkg:composer/phpunit/phpunit@5.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.4
37
url pkg:composer/phpunit/phpunit@5.3.5
purl pkg:composer/phpunit/phpunit@5.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.5
38
url pkg:composer/phpunit/phpunit@5.4.0
purl pkg:composer/phpunit/phpunit@5.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.0
39
url pkg:composer/phpunit/phpunit@5.4.1
purl pkg:composer/phpunit/phpunit@5.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.1
40
url pkg:composer/phpunit/phpunit@5.4.2
purl pkg:composer/phpunit/phpunit@5.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.2
41
url pkg:composer/phpunit/phpunit@5.4.3
purl pkg:composer/phpunit/phpunit@5.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.3
42
url pkg:composer/phpunit/phpunit@5.4.4
purl pkg:composer/phpunit/phpunit@5.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.4
43
url pkg:composer/phpunit/phpunit@5.4.5
purl pkg:composer/phpunit/phpunit@5.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.5
44
url pkg:composer/phpunit/phpunit@5.4.6
purl pkg:composer/phpunit/phpunit@5.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.6
45
url pkg:composer/phpunit/phpunit@5.4.7
purl pkg:composer/phpunit/phpunit@5.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.7
46
url pkg:composer/phpunit/phpunit@5.4.8
purl pkg:composer/phpunit/phpunit@5.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.8
47
url pkg:composer/phpunit/phpunit@5.5.0
purl pkg:composer/phpunit/phpunit@5.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.0
48
url pkg:composer/phpunit/phpunit@5.5.1
purl pkg:composer/phpunit/phpunit@5.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.1
49
url pkg:composer/phpunit/phpunit@5.5.2
purl pkg:composer/phpunit/phpunit@5.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.2
50
url pkg:composer/phpunit/phpunit@5.5.3
purl pkg:composer/phpunit/phpunit@5.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.3
51
url pkg:composer/phpunit/phpunit@5.5.4
purl pkg:composer/phpunit/phpunit@5.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.4
52
url pkg:composer/phpunit/phpunit@5.5.5
purl pkg:composer/phpunit/phpunit@5.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.5
53
url pkg:composer/phpunit/phpunit@5.5.6
purl pkg:composer/phpunit/phpunit@5.5.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.6
54
url pkg:composer/phpunit/phpunit@5.5.7
purl pkg:composer/phpunit/phpunit@5.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.7
55
url pkg:composer/phpunit/phpunit@5.6.0
purl pkg:composer/phpunit/phpunit@5.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.6.0
56
url pkg:composer/phpunit/phpunit@5.6.1
purl pkg:composer/phpunit/phpunit@5.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.6.1
57
url pkg:composer/phpunit/phpunit@5.6.2
purl pkg:composer/phpunit/phpunit@5.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.6.2
58
url pkg:deb/debian/phpunit@1.1.1-2
purl pkg:deb/debian/phpunit@1.1.1-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@1.1.1-2
59
url pkg:deb/debian/phpunit@1.3.2-2
purl pkg:deb/debian/phpunit@1.3.2-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@1.3.2-2
60
url pkg:deb/debian/phpunit@3.2.16-1
purl pkg:deb/debian/phpunit@3.2.16-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@3.2.16-1
61
url pkg:deb/debian/phpunit@3.4.14-1
purl pkg:deb/debian/phpunit@3.4.14-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@3.4.14-1
62
url pkg:deb/debian/phpunit@3.6.10-1
purl pkg:deb/debian/phpunit@3.6.10-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@3.6.10-1
63
url pkg:deb/debian/phpunit@3.7.28-1~bpo70%2B1
purl pkg:deb/debian/phpunit@3.7.28-1~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@3.7.28-1~bpo70%252B1
64
url pkg:deb/debian/phpunit@4.2.6-2
purl pkg:deb/debian/phpunit@4.2.6-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@4.2.6-2
65
url pkg:deb/debian/phpunit@5.4.6-2~deb9u1
purl pkg:deb/debian/phpunit@5.4.6-2~deb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bt7-kw89-v3dt
1
vulnerability VCID-ks7b-f17t-dfd4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@5.4.6-2~deb9u1
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9841
reference_id
reference_type
scores
0
value 0.9421
scoring_system epss
scoring_elements 0.99923
published_at 2026-04-18T12:55:00Z
1
value 0.9421
scoring_system epss
scoring_elements 0.99922
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9841
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9841
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9841
2
reference_url https://github.com/sebastianbergmann/phpunit
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/sebastianbergmann/phpunit
3
reference_url https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/
url https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5
4
reference_url https://github.com/sebastianbergmann/phpunit/commit/3aaddb1c5bd9b9b8d070b4cf120e71c36fd08412
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/sebastianbergmann/phpunit/commit/3aaddb1c5bd9b9b8d070b4cf120e71c36fd08412
5
reference_url https://github.com/sebastianbergmann/phpunit/pull/1955
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/sebastianbergmann/phpunit/pull/1955
6
reference_url https://github.com/sebastianbergmann/phpunit/pull/1956
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/
url https://github.com/sebastianbergmann/phpunit/pull/1956
7
reference_url https://security.gentoo.org/glsa/201711-15
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/
url https://security.gentoo.org/glsa/201711-15
8
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9841
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9841
9
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/
url https://www.oracle.com/security-alerts/cpuoct2021.html
10
reference_url http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com
11
reference_url http://www.securityfocus.com/bid/101798
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/
url http://www.securityfocus.com/bid/101798
12
reference_url http://www.securitytracker.com/id/1039812
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/
url http://www.securitytracker.com/id/1039812
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866200
reference_id 866200
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866200
14
reference_url https://security.archlinux.org/AVG-491
reference_id AVG-491
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-491
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50702.py
reference_id CVE-2017-9841
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50702.py
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9841
reference_id CVE-2017-9841
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-9841
17
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpunit/phpunit/CVE-2017-9841.yaml
reference_id CVE-2017-9841.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpunit/phpunit/CVE-2017-9841.yaml
18
reference_url https://github.com/advisories/GHSA-r7c9-c69m-rph8
reference_id GHSA-r7c9-c69m-rph8
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r7c9-c69m-rph8
19
reference_url http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/
reference_id phpunit.vulnbusters.com
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/
url http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/
20
reference_url https://usn.ubuntu.com/7171-1/
reference_id USN-7171-1
reference_type
scores
url https://usn.ubuntu.com/7171-1/
Weaknesses
0
cwe_id 94
name Improper Control of Generation of Code ('Code Injection')
description The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
0
date_added 2022-02-15
description PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
required_action Apply updates per vendor instructions.
due_date 2022-08-15
notes https://nvd.nist.gov/vuln/detail/CVE-2017-9841
known_ransomware_campaign_use false
source_date_published null
exploit_type null
platform null
source_date_updated null
data_source KEV
source_url null
1
date_added 2022-02-02
description PHP Unit 4.8.28 - Remote Code Execution (RCE) (Unauthenticated)
required_action null
due_date null
notes null
known_ransomware_campaign_use false
source_date_published 2022-02-02
exploit_type webapps
platform php
source_date_updated 2022-02-02
data_source Exploit-DB
source_url
Severity_range_score9.0 - 10.0
Exploitability2.0
Weighted_severity9.0
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ks7b-f17t-dfd4