Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-xnb4-zjws-vuhu
Summary
silverstripe/framework uploaded PHP script execution in assets
A weakness in the .htaccess rules preventing requests to uploaded PHP scripts allows PHP scripts that had made their way into the assets directory to be successfully executed through the use of a specially crafted URL. There are protections in place to disallow upload of PHP scripts through the CMS, meaning this weakness does not lead to direct vulnerabilities.

In addition, sites hosted on the New Zealand Common Web Platform or SilverStripe Platform have additional configuration in place which prevents PHP script execution in assets, even in a malicious party manages to upload these into the folder.
Aliases
0
alias GHSA-f43j-8hq4-2xj9
Fixed_packages
0
url pkg:composer/silverstripe/framework@4.0.4
purl pkg:composer/silverstripe/framework@4.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rbk-47h6-d7d8
1
vulnerability VCID-4f9c-aun4-wfep
2
vulnerability VCID-4x32-t75c-u3bj
3
vulnerability VCID-5pkg-j4wg-7fcn
4
vulnerability VCID-6du5-hdvd-fueb
5
vulnerability VCID-6epx-c68d-d7bv
6
vulnerability VCID-7dk3-gcup-2kc9
7
vulnerability VCID-86yd-4mkt-hydr
8
vulnerability VCID-a3yc-fxa1-gfhy
9
vulnerability VCID-ajga-3b99-yugh
10
vulnerability VCID-axxx-gpfn-mqc9
11
vulnerability VCID-bdcq-z11u-zyh5
12
vulnerability VCID-c75p-3hdz-q3b6
13
vulnerability VCID-cdgj-bdpy-ukak
14
vulnerability VCID-cfgg-fgjt-z3hn
15
vulnerability VCID-d5q3-jrdb-euav
16
vulnerability VCID-dc9y-v257-6bhf
17
vulnerability VCID-enkd-4y44-4ueq
18
vulnerability VCID-fpb7-5pwu-tyg5
19
vulnerability VCID-ftdr-uzuh-8ybc
20
vulnerability VCID-fyxa-vzeq-ubeq
21
vulnerability VCID-gme6-wj87-ekfw
22
vulnerability VCID-kak1-btjp-kqgz
23
vulnerability VCID-kd3t-2gzd-q3hq
24
vulnerability VCID-kgm4-g26x-gken
25
vulnerability VCID-kvhv-9fj5-7kgk
26
vulnerability VCID-kw9p-5fbc-hudg
27
vulnerability VCID-kxa8-dmva-ayff
28
vulnerability VCID-kxyq-vg6e-6uac
29
vulnerability VCID-m8w1-g9h9-vuce
30
vulnerability VCID-p2kq-rkh6-ayeu
31
vulnerability VCID-pq29-qe7h-tkcp
32
vulnerability VCID-qak9-2t7g-w3fv
33
vulnerability VCID-qjgf-hxng-j3g9
34
vulnerability VCID-qm38-1cwk-b3hq
35
vulnerability VCID-tc2y-zrea-vyb2
36
vulnerability VCID-u49v-31sv-eqc3
37
vulnerability VCID-ua49-snhx-dqa4
38
vulnerability VCID-w4fh-cpaq-nqat
39
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.4
1
url pkg:composer/silverstripe/framework@4.1.1
purl pkg:composer/silverstripe/framework@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rbk-47h6-d7d8
1
vulnerability VCID-4f9c-aun4-wfep
2
vulnerability VCID-4x32-t75c-u3bj
3
vulnerability VCID-5pkg-j4wg-7fcn
4
vulnerability VCID-658d-vmwt-f7e8
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-7dk3-gcup-2kc9
8
vulnerability VCID-86yd-4mkt-hydr
9
vulnerability VCID-a3yc-fxa1-gfhy
10
vulnerability VCID-ajga-3b99-yugh
11
vulnerability VCID-axxx-gpfn-mqc9
12
vulnerability VCID-bdcq-z11u-zyh5
13
vulnerability VCID-c75p-3hdz-q3b6
14
vulnerability VCID-cdgj-bdpy-ukak
15
vulnerability VCID-cfgg-fgjt-z3hn
16
vulnerability VCID-d5q3-jrdb-euav
17
vulnerability VCID-dc9y-v257-6bhf
18
vulnerability VCID-enkd-4y44-4ueq
19
vulnerability VCID-fpb7-5pwu-tyg5
20
vulnerability VCID-ftdr-uzuh-8ybc
21
vulnerability VCID-fyxa-vzeq-ubeq
22
vulnerability VCID-gme6-wj87-ekfw
23
vulnerability VCID-kak1-btjp-kqgz
24
vulnerability VCID-kd3t-2gzd-q3hq
25
vulnerability VCID-kgm4-g26x-gken
26
vulnerability VCID-kvhv-9fj5-7kgk
27
vulnerability VCID-kw9p-5fbc-hudg
28
vulnerability VCID-kxa8-dmva-ayff
29
vulnerability VCID-kxyq-vg6e-6uac
30
vulnerability VCID-m8w1-g9h9-vuce
31
vulnerability VCID-p2kq-rkh6-ayeu
32
vulnerability VCID-pq29-qe7h-tkcp
33
vulnerability VCID-qak9-2t7g-w3fv
34
vulnerability VCID-qjgf-hxng-j3g9
35
vulnerability VCID-qm38-1cwk-b3hq
36
vulnerability VCID-tc2y-zrea-vyb2
37
vulnerability VCID-u49v-31sv-eqc3
38
vulnerability VCID-ua49-snhx-dqa4
39
vulnerability VCID-w4fh-cpaq-nqat
40
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.1
Affected_packages
0
url pkg:composer/silverstripe/framework@4.0.0-rc1
purl pkg:composer/silverstripe/framework@4.0.0-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-6xwk-ee7f-5ubd
8
vulnerability VCID-71cx-seqr-3fh5
9
vulnerability VCID-7dk3-gcup-2kc9
10
vulnerability VCID-86yd-4mkt-hydr
11
vulnerability VCID-a3yc-fxa1-gfhy
12
vulnerability VCID-ajga-3b99-yugh
13
vulnerability VCID-axxx-gpfn-mqc9
14
vulnerability VCID-bdcq-z11u-zyh5
15
vulnerability VCID-c75p-3hdz-q3b6
16
vulnerability VCID-cdgj-bdpy-ukak
17
vulnerability VCID-eddc-w9wx-c3gq
18
vulnerability VCID-enkd-4y44-4ueq
19
vulnerability VCID-ff5q-59gf-nugg
20
vulnerability VCID-fpb7-5pwu-tyg5
21
vulnerability VCID-g3kz-796v-4qf1
22
vulnerability VCID-jx5m-bqc6-h3bv
23
vulnerability VCID-kak1-btjp-kqgz
24
vulnerability VCID-kvhv-9fj5-7kgk
25
vulnerability VCID-kw9p-5fbc-hudg
26
vulnerability VCID-kxa8-dmva-ayff
27
vulnerability VCID-kxyq-vg6e-6uac
28
vulnerability VCID-p554-wkxw-gfdh
29
vulnerability VCID-pq29-qe7h-tkcp
30
vulnerability VCID-qak9-2t7g-w3fv
31
vulnerability VCID-qm38-1cwk-b3hq
32
vulnerability VCID-tc2y-zrea-vyb2
33
vulnerability VCID-tm1s-2m92-uyh9
34
vulnerability VCID-u49v-31sv-eqc3
35
vulnerability VCID-v116-gayp-mbfu
36
vulnerability VCID-xnb4-zjws-vuhu
37
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-rc1
1
url pkg:composer/silverstripe/framework@4.0.0-rc2
purl pkg:composer/silverstripe/framework@4.0.0-rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-6xwk-ee7f-5ubd
8
vulnerability VCID-71cx-seqr-3fh5
9
vulnerability VCID-7dk3-gcup-2kc9
10
vulnerability VCID-86yd-4mkt-hydr
11
vulnerability VCID-a3yc-fxa1-gfhy
12
vulnerability VCID-ajga-3b99-yugh
13
vulnerability VCID-axxx-gpfn-mqc9
14
vulnerability VCID-bdcq-z11u-zyh5
15
vulnerability VCID-c75p-3hdz-q3b6
16
vulnerability VCID-cdgj-bdpy-ukak
17
vulnerability VCID-eddc-w9wx-c3gq
18
vulnerability VCID-enkd-4y44-4ueq
19
vulnerability VCID-ff5q-59gf-nugg
20
vulnerability VCID-fpb7-5pwu-tyg5
21
vulnerability VCID-g3kz-796v-4qf1
22
vulnerability VCID-jx5m-bqc6-h3bv
23
vulnerability VCID-kak1-btjp-kqgz
24
vulnerability VCID-kvhv-9fj5-7kgk
25
vulnerability VCID-kw9p-5fbc-hudg
26
vulnerability VCID-kxa8-dmva-ayff
27
vulnerability VCID-kxyq-vg6e-6uac
28
vulnerability VCID-p554-wkxw-gfdh
29
vulnerability VCID-pq29-qe7h-tkcp
30
vulnerability VCID-qak9-2t7g-w3fv
31
vulnerability VCID-qm38-1cwk-b3hq
32
vulnerability VCID-tc2y-zrea-vyb2
33
vulnerability VCID-tm1s-2m92-uyh9
34
vulnerability VCID-u49v-31sv-eqc3
35
vulnerability VCID-v116-gayp-mbfu
36
vulnerability VCID-xnb4-zjws-vuhu
37
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-rc2
2
url pkg:composer/silverstripe/framework@4.0.0-rc3
purl pkg:composer/silverstripe/framework@4.0.0-rc3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-6xwk-ee7f-5ubd
8
vulnerability VCID-71cx-seqr-3fh5
9
vulnerability VCID-7dk3-gcup-2kc9
10
vulnerability VCID-86yd-4mkt-hydr
11
vulnerability VCID-a3yc-fxa1-gfhy
12
vulnerability VCID-ajga-3b99-yugh
13
vulnerability VCID-axxx-gpfn-mqc9
14
vulnerability VCID-bdcq-z11u-zyh5
15
vulnerability VCID-c75p-3hdz-q3b6
16
vulnerability VCID-cdgj-bdpy-ukak
17
vulnerability VCID-eddc-w9wx-c3gq
18
vulnerability VCID-enkd-4y44-4ueq
19
vulnerability VCID-ff5q-59gf-nugg
20
vulnerability VCID-fpb7-5pwu-tyg5
21
vulnerability VCID-g3kz-796v-4qf1
22
vulnerability VCID-jx5m-bqc6-h3bv
23
vulnerability VCID-kak1-btjp-kqgz
24
vulnerability VCID-kvhv-9fj5-7kgk
25
vulnerability VCID-kw9p-5fbc-hudg
26
vulnerability VCID-kxa8-dmva-ayff
27
vulnerability VCID-kxyq-vg6e-6uac
28
vulnerability VCID-p554-wkxw-gfdh
29
vulnerability VCID-pq29-qe7h-tkcp
30
vulnerability VCID-qak9-2t7g-w3fv
31
vulnerability VCID-qm38-1cwk-b3hq
32
vulnerability VCID-tc2y-zrea-vyb2
33
vulnerability VCID-tm1s-2m92-uyh9
34
vulnerability VCID-u49v-31sv-eqc3
35
vulnerability VCID-v116-gayp-mbfu
36
vulnerability VCID-xnb4-zjws-vuhu
37
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-rc3
3
url pkg:composer/silverstripe/framework@4.0.0
purl pkg:composer/silverstripe/framework@4.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-6xwk-ee7f-5ubd
8
vulnerability VCID-71cx-seqr-3fh5
9
vulnerability VCID-7dk3-gcup-2kc9
10
vulnerability VCID-86yd-4mkt-hydr
11
vulnerability VCID-a3yc-fxa1-gfhy
12
vulnerability VCID-ab5z-bqka-xudb
13
vulnerability VCID-ajga-3b99-yugh
14
vulnerability VCID-axxx-gpfn-mqc9
15
vulnerability VCID-bdcq-z11u-zyh5
16
vulnerability VCID-c75p-3hdz-q3b6
17
vulnerability VCID-cdgj-bdpy-ukak
18
vulnerability VCID-cfgg-fgjt-z3hn
19
vulnerability VCID-d5q3-jrdb-euav
20
vulnerability VCID-dc9y-v257-6bhf
21
vulnerability VCID-eddc-w9wx-c3gq
22
vulnerability VCID-enkd-4y44-4ueq
23
vulnerability VCID-ff5q-59gf-nugg
24
vulnerability VCID-fpb7-5pwu-tyg5
25
vulnerability VCID-ftdr-uzuh-8ybc
26
vulnerability VCID-fyxa-vzeq-ubeq
27
vulnerability VCID-g3kz-796v-4qf1
28
vulnerability VCID-gme6-wj87-ekfw
29
vulnerability VCID-jx5m-bqc6-h3bv
30
vulnerability VCID-kak1-btjp-kqgz
31
vulnerability VCID-kd3t-2gzd-q3hq
32
vulnerability VCID-kgm4-g26x-gken
33
vulnerability VCID-kvhv-9fj5-7kgk
34
vulnerability VCID-kw9p-5fbc-hudg
35
vulnerability VCID-kxa8-dmva-ayff
36
vulnerability VCID-kxyq-vg6e-6uac
37
vulnerability VCID-m8w1-g9h9-vuce
38
vulnerability VCID-p2kq-rkh6-ayeu
39
vulnerability VCID-p554-wkxw-gfdh
40
vulnerability VCID-pq29-qe7h-tkcp
41
vulnerability VCID-qak9-2t7g-w3fv
42
vulnerability VCID-qjgf-hxng-j3g9
43
vulnerability VCID-qm38-1cwk-b3hq
44
vulnerability VCID-tc2y-zrea-vyb2
45
vulnerability VCID-tm1s-2m92-uyh9
46
vulnerability VCID-u49v-31sv-eqc3
47
vulnerability VCID-ua49-snhx-dqa4
48
vulnerability VCID-v116-gayp-mbfu
49
vulnerability VCID-w4fh-cpaq-nqat
50
vulnerability VCID-xnb4-zjws-vuhu
51
vulnerability VCID-xw77-b18v-8kc4
52
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0
4
url pkg:composer/silverstripe/framework@4.0.1-rc1
purl pkg:composer/silverstripe/framework@4.0.1-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-6xwk-ee7f-5ubd
8
vulnerability VCID-71cx-seqr-3fh5
9
vulnerability VCID-7dk3-gcup-2kc9
10
vulnerability VCID-86yd-4mkt-hydr
11
vulnerability VCID-a3yc-fxa1-gfhy
12
vulnerability VCID-ajga-3b99-yugh
13
vulnerability VCID-axxx-gpfn-mqc9
14
vulnerability VCID-bdcq-z11u-zyh5
15
vulnerability VCID-c75p-3hdz-q3b6
16
vulnerability VCID-cdgj-bdpy-ukak
17
vulnerability VCID-cfgg-fgjt-z3hn
18
vulnerability VCID-d5q3-jrdb-euav
19
vulnerability VCID-dc9y-v257-6bhf
20
vulnerability VCID-enkd-4y44-4ueq
21
vulnerability VCID-ff5q-59gf-nugg
22
vulnerability VCID-fpb7-5pwu-tyg5
23
vulnerability VCID-ftdr-uzuh-8ybc
24
vulnerability VCID-fyxa-vzeq-ubeq
25
vulnerability VCID-g3kz-796v-4qf1
26
vulnerability VCID-gme6-wj87-ekfw
27
vulnerability VCID-jx5m-bqc6-h3bv
28
vulnerability VCID-kak1-btjp-kqgz
29
vulnerability VCID-kd3t-2gzd-q3hq
30
vulnerability VCID-kgm4-g26x-gken
31
vulnerability VCID-kvhv-9fj5-7kgk
32
vulnerability VCID-kw9p-5fbc-hudg
33
vulnerability VCID-kxa8-dmva-ayff
34
vulnerability VCID-kxyq-vg6e-6uac
35
vulnerability VCID-m8w1-g9h9-vuce
36
vulnerability VCID-p2kq-rkh6-ayeu
37
vulnerability VCID-p554-wkxw-gfdh
38
vulnerability VCID-pq29-qe7h-tkcp
39
vulnerability VCID-qak9-2t7g-w3fv
40
vulnerability VCID-qjgf-hxng-j3g9
41
vulnerability VCID-qm38-1cwk-b3hq
42
vulnerability VCID-tc2y-zrea-vyb2
43
vulnerability VCID-u49v-31sv-eqc3
44
vulnerability VCID-ua49-snhx-dqa4
45
vulnerability VCID-v116-gayp-mbfu
46
vulnerability VCID-w4fh-cpaq-nqat
47
vulnerability VCID-xnb4-zjws-vuhu
48
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1-rc1
5
url pkg:composer/silverstripe/framework@4.0.1
purl pkg:composer/silverstripe/framework@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-7dk3-gcup-2kc9
8
vulnerability VCID-86yd-4mkt-hydr
9
vulnerability VCID-a3yc-fxa1-gfhy
10
vulnerability VCID-ajga-3b99-yugh
11
vulnerability VCID-axxx-gpfn-mqc9
12
vulnerability VCID-bdcq-z11u-zyh5
13
vulnerability VCID-c75p-3hdz-q3b6
14
vulnerability VCID-cdgj-bdpy-ukak
15
vulnerability VCID-cfgg-fgjt-z3hn
16
vulnerability VCID-d5q3-jrdb-euav
17
vulnerability VCID-dc9y-v257-6bhf
18
vulnerability VCID-enkd-4y44-4ueq
19
vulnerability VCID-ff5q-59gf-nugg
20
vulnerability VCID-fpb7-5pwu-tyg5
21
vulnerability VCID-ftdr-uzuh-8ybc
22
vulnerability VCID-fyxa-vzeq-ubeq
23
vulnerability VCID-gme6-wj87-ekfw
24
vulnerability VCID-jx5m-bqc6-h3bv
25
vulnerability VCID-kak1-btjp-kqgz
26
vulnerability VCID-kd3t-2gzd-q3hq
27
vulnerability VCID-kgm4-g26x-gken
28
vulnerability VCID-kvhv-9fj5-7kgk
29
vulnerability VCID-kw9p-5fbc-hudg
30
vulnerability VCID-kxa8-dmva-ayff
31
vulnerability VCID-kxyq-vg6e-6uac
32
vulnerability VCID-m8w1-g9h9-vuce
33
vulnerability VCID-p2kq-rkh6-ayeu
34
vulnerability VCID-p554-wkxw-gfdh
35
vulnerability VCID-pq29-qe7h-tkcp
36
vulnerability VCID-qak9-2t7g-w3fv
37
vulnerability VCID-qjgf-hxng-j3g9
38
vulnerability VCID-qm38-1cwk-b3hq
39
vulnerability VCID-tc2y-zrea-vyb2
40
vulnerability VCID-u49v-31sv-eqc3
41
vulnerability VCID-ua49-snhx-dqa4
42
vulnerability VCID-w4fh-cpaq-nqat
43
vulnerability VCID-xnb4-zjws-vuhu
44
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1
6
url pkg:composer/silverstripe/framework@4.0.2
purl pkg:composer/silverstripe/framework@4.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-7dk3-gcup-2kc9
8
vulnerability VCID-86yd-4mkt-hydr
9
vulnerability VCID-a3yc-fxa1-gfhy
10
vulnerability VCID-ajga-3b99-yugh
11
vulnerability VCID-axxx-gpfn-mqc9
12
vulnerability VCID-bdcq-z11u-zyh5
13
vulnerability VCID-c75p-3hdz-q3b6
14
vulnerability VCID-cdgj-bdpy-ukak
15
vulnerability VCID-cfgg-fgjt-z3hn
16
vulnerability VCID-d5q3-jrdb-euav
17
vulnerability VCID-dc9y-v257-6bhf
18
vulnerability VCID-enkd-4y44-4ueq
19
vulnerability VCID-ff5q-59gf-nugg
20
vulnerability VCID-fpb7-5pwu-tyg5
21
vulnerability VCID-ftdr-uzuh-8ybc
22
vulnerability VCID-fyxa-vzeq-ubeq
23
vulnerability VCID-gme6-wj87-ekfw
24
vulnerability VCID-jx5m-bqc6-h3bv
25
vulnerability VCID-kak1-btjp-kqgz
26
vulnerability VCID-kd3t-2gzd-q3hq
27
vulnerability VCID-kgm4-g26x-gken
28
vulnerability VCID-kvhv-9fj5-7kgk
29
vulnerability VCID-kw9p-5fbc-hudg
30
vulnerability VCID-kxa8-dmva-ayff
31
vulnerability VCID-kxyq-vg6e-6uac
32
vulnerability VCID-m8w1-g9h9-vuce
33
vulnerability VCID-p2kq-rkh6-ayeu
34
vulnerability VCID-p554-wkxw-gfdh
35
vulnerability VCID-pq29-qe7h-tkcp
36
vulnerability VCID-qak9-2t7g-w3fv
37
vulnerability VCID-qjgf-hxng-j3g9
38
vulnerability VCID-qm38-1cwk-b3hq
39
vulnerability VCID-tc2y-zrea-vyb2
40
vulnerability VCID-u49v-31sv-eqc3
41
vulnerability VCID-ua49-snhx-dqa4
42
vulnerability VCID-w4fh-cpaq-nqat
43
vulnerability VCID-xnb4-zjws-vuhu
44
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.2
7
url pkg:composer/silverstripe/framework@4.0.3
purl pkg:composer/silverstripe/framework@4.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-7dk3-gcup-2kc9
8
vulnerability VCID-86yd-4mkt-hydr
9
vulnerability VCID-a3yc-fxa1-gfhy
10
vulnerability VCID-ajga-3b99-yugh
11
vulnerability VCID-axxx-gpfn-mqc9
12
vulnerability VCID-b9th-m3ys-7bat
13
vulnerability VCID-bdcq-z11u-zyh5
14
vulnerability VCID-c75p-3hdz-q3b6
15
vulnerability VCID-cdgj-bdpy-ukak
16
vulnerability VCID-cfgg-fgjt-z3hn
17
vulnerability VCID-d5q3-jrdb-euav
18
vulnerability VCID-dc9y-v257-6bhf
19
vulnerability VCID-dgke-xzhn-dkg5
20
vulnerability VCID-enkd-4y44-4ueq
21
vulnerability VCID-ff5q-59gf-nugg
22
vulnerability VCID-fpb7-5pwu-tyg5
23
vulnerability VCID-ftdr-uzuh-8ybc
24
vulnerability VCID-fyxa-vzeq-ubeq
25
vulnerability VCID-gme6-wj87-ekfw
26
vulnerability VCID-jx5m-bqc6-h3bv
27
vulnerability VCID-kak1-btjp-kqgz
28
vulnerability VCID-kd3t-2gzd-q3hq
29
vulnerability VCID-kgm4-g26x-gken
30
vulnerability VCID-kvhv-9fj5-7kgk
31
vulnerability VCID-kw9p-5fbc-hudg
32
vulnerability VCID-kxa8-dmva-ayff
33
vulnerability VCID-kxyq-vg6e-6uac
34
vulnerability VCID-m8w1-g9h9-vuce
35
vulnerability VCID-p2kq-rkh6-ayeu
36
vulnerability VCID-p554-wkxw-gfdh
37
vulnerability VCID-pffp-vtk7-pqby
38
vulnerability VCID-pq29-qe7h-tkcp
39
vulnerability VCID-qak9-2t7g-w3fv
40
vulnerability VCID-qjgf-hxng-j3g9
41
vulnerability VCID-qm38-1cwk-b3hq
42
vulnerability VCID-tc2y-zrea-vyb2
43
vulnerability VCID-u49v-31sv-eqc3
44
vulnerability VCID-ua49-snhx-dqa4
45
vulnerability VCID-w4fh-cpaq-nqat
46
vulnerability VCID-xnb4-zjws-vuhu
47
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.3
8
url pkg:composer/silverstripe/framework@4.1.0-rc1
purl pkg:composer/silverstripe/framework@4.1.0-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-7dk3-gcup-2kc9
8
vulnerability VCID-86yd-4mkt-hydr
9
vulnerability VCID-a3yc-fxa1-gfhy
10
vulnerability VCID-ajga-3b99-yugh
11
vulnerability VCID-axxx-gpfn-mqc9
12
vulnerability VCID-b9th-m3ys-7bat
13
vulnerability VCID-bdcq-z11u-zyh5
14
vulnerability VCID-c75p-3hdz-q3b6
15
vulnerability VCID-cdgj-bdpy-ukak
16
vulnerability VCID-cfgg-fgjt-z3hn
17
vulnerability VCID-d5q3-jrdb-euav
18
vulnerability VCID-dc9y-v257-6bhf
19
vulnerability VCID-dgke-xzhn-dkg5
20
vulnerability VCID-enkd-4y44-4ueq
21
vulnerability VCID-ff5q-59gf-nugg
22
vulnerability VCID-fpb7-5pwu-tyg5
23
vulnerability VCID-ftdr-uzuh-8ybc
24
vulnerability VCID-fyxa-vzeq-ubeq
25
vulnerability VCID-gme6-wj87-ekfw
26
vulnerability VCID-jx5m-bqc6-h3bv
27
vulnerability VCID-kak1-btjp-kqgz
28
vulnerability VCID-kd3t-2gzd-q3hq
29
vulnerability VCID-kgm4-g26x-gken
30
vulnerability VCID-kvhv-9fj5-7kgk
31
vulnerability VCID-kw9p-5fbc-hudg
32
vulnerability VCID-kxa8-dmva-ayff
33
vulnerability VCID-kxyq-vg6e-6uac
34
vulnerability VCID-m8w1-g9h9-vuce
35
vulnerability VCID-p554-wkxw-gfdh
36
vulnerability VCID-pffp-vtk7-pqby
37
vulnerability VCID-pq29-qe7h-tkcp
38
vulnerability VCID-qak9-2t7g-w3fv
39
vulnerability VCID-qjgf-hxng-j3g9
40
vulnerability VCID-qm38-1cwk-b3hq
41
vulnerability VCID-tc2y-zrea-vyb2
42
vulnerability VCID-u49v-31sv-eqc3
43
vulnerability VCID-ua49-snhx-dqa4
44
vulnerability VCID-w4fh-cpaq-nqat
45
vulnerability VCID-xnb4-zjws-vuhu
46
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.0-rc1
9
url pkg:composer/silverstripe/framework@4.1.0-rc2
purl pkg:composer/silverstripe/framework@4.1.0-rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-6du5-hdvd-fueb
6
vulnerability VCID-6epx-c68d-d7bv
7
vulnerability VCID-7dk3-gcup-2kc9
8
vulnerability VCID-86yd-4mkt-hydr
9
vulnerability VCID-a3yc-fxa1-gfhy
10
vulnerability VCID-ajga-3b99-yugh
11
vulnerability VCID-axxx-gpfn-mqc9
12
vulnerability VCID-b9th-m3ys-7bat
13
vulnerability VCID-bdcq-z11u-zyh5
14
vulnerability VCID-c75p-3hdz-q3b6
15
vulnerability VCID-cdgj-bdpy-ukak
16
vulnerability VCID-cfgg-fgjt-z3hn
17
vulnerability VCID-d5q3-jrdb-euav
18
vulnerability VCID-dc9y-v257-6bhf
19
vulnerability VCID-dgke-xzhn-dkg5
20
vulnerability VCID-enkd-4y44-4ueq
21
vulnerability VCID-ff5q-59gf-nugg
22
vulnerability VCID-fpb7-5pwu-tyg5
23
vulnerability VCID-ftdr-uzuh-8ybc
24
vulnerability VCID-fyxa-vzeq-ubeq
25
vulnerability VCID-gme6-wj87-ekfw
26
vulnerability VCID-jx5m-bqc6-h3bv
27
vulnerability VCID-kak1-btjp-kqgz
28
vulnerability VCID-kd3t-2gzd-q3hq
29
vulnerability VCID-kgm4-g26x-gken
30
vulnerability VCID-kvhv-9fj5-7kgk
31
vulnerability VCID-kw9p-5fbc-hudg
32
vulnerability VCID-kxa8-dmva-ayff
33
vulnerability VCID-kxyq-vg6e-6uac
34
vulnerability VCID-m8w1-g9h9-vuce
35
vulnerability VCID-p554-wkxw-gfdh
36
vulnerability VCID-pffp-vtk7-pqby
37
vulnerability VCID-pq29-qe7h-tkcp
38
vulnerability VCID-qak9-2t7g-w3fv
39
vulnerability VCID-qjgf-hxng-j3g9
40
vulnerability VCID-qm38-1cwk-b3hq
41
vulnerability VCID-tc2y-zrea-vyb2
42
vulnerability VCID-u49v-31sv-eqc3
43
vulnerability VCID-ua49-snhx-dqa4
44
vulnerability VCID-w4fh-cpaq-nqat
45
vulnerability VCID-xnb4-zjws-vuhu
46
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.0-rc2
10
url pkg:composer/silverstripe/framework@4.1.0
purl pkg:composer/silverstripe/framework@4.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nes-cr3m-j3dv
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-4f9c-aun4-wfep
3
vulnerability VCID-4x32-t75c-u3bj
4
vulnerability VCID-5pkg-j4wg-7fcn
5
vulnerability VCID-658d-vmwt-f7e8
6
vulnerability VCID-6du5-hdvd-fueb
7
vulnerability VCID-6epx-c68d-d7bv
8
vulnerability VCID-7dk3-gcup-2kc9
9
vulnerability VCID-86yd-4mkt-hydr
10
vulnerability VCID-a3yc-fxa1-gfhy
11
vulnerability VCID-ajga-3b99-yugh
12
vulnerability VCID-axxx-gpfn-mqc9
13
vulnerability VCID-b9th-m3ys-7bat
14
vulnerability VCID-bdcq-z11u-zyh5
15
vulnerability VCID-c75p-3hdz-q3b6
16
vulnerability VCID-cdgj-bdpy-ukak
17
vulnerability VCID-cfgg-fgjt-z3hn
18
vulnerability VCID-d5q3-jrdb-euav
19
vulnerability VCID-dc9y-v257-6bhf
20
vulnerability VCID-dgke-xzhn-dkg5
21
vulnerability VCID-enkd-4y44-4ueq
22
vulnerability VCID-ff5q-59gf-nugg
23
vulnerability VCID-fpb7-5pwu-tyg5
24
vulnerability VCID-ftdr-uzuh-8ybc
25
vulnerability VCID-fyxa-vzeq-ubeq
26
vulnerability VCID-gme6-wj87-ekfw
27
vulnerability VCID-jx5m-bqc6-h3bv
28
vulnerability VCID-kak1-btjp-kqgz
29
vulnerability VCID-kd3t-2gzd-q3hq
30
vulnerability VCID-kgm4-g26x-gken
31
vulnerability VCID-kvhv-9fj5-7kgk
32
vulnerability VCID-kw9p-5fbc-hudg
33
vulnerability VCID-kxa8-dmva-ayff
34
vulnerability VCID-kxyq-vg6e-6uac
35
vulnerability VCID-m8w1-g9h9-vuce
36
vulnerability VCID-p2kq-rkh6-ayeu
37
vulnerability VCID-p554-wkxw-gfdh
38
vulnerability VCID-pffp-vtk7-pqby
39
vulnerability VCID-pq29-qe7h-tkcp
40
vulnerability VCID-qak9-2t7g-w3fv
41
vulnerability VCID-qjgf-hxng-j3g9
42
vulnerability VCID-qm38-1cwk-b3hq
43
vulnerability VCID-tc2y-zrea-vyb2
44
vulnerability VCID-u49v-31sv-eqc3
45
vulnerability VCID-ua49-snhx-dqa4
46
vulnerability VCID-w4fh-cpaq-nqat
47
vulnerability VCID-xnb4-zjws-vuhu
48
vulnerability VCID-yuer-yn1w-q3gw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.0
References
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-012-1.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-012-1.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://github.com/silverstripe/silverstripe-framework/commit/5b7eca2b6327556e2d5ad31bb00511b187e5992a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/5b7eca2b6327556e2d5ad31bb00511b187e5992a
3
reference_url https://www.silverstripe.org/download/security-releases/ss-2018-012
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2018-012
4
reference_url https://github.com/advisories/GHSA-f43j-8hq4-2xj9
reference_id GHSA-f43j-8hq4-2xj9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f43j-8hq4-2xj9
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-xnb4-zjws-vuhu