Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/38135?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38135?format=api", "vulnerability_id": "VCID-q74z-645k-c7dk", "summary": "Security Misconfiguration Vulnerability\nDoctrine uses `mkdir($cacheDirectory )` to create caches directories. if your application runs with a umask of", "aliases": [ { "alias": "CVE-2015-5723" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52768?format=api", "purl": "pkg:composer/aws/aws-sdk-php@3.2.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/aws/aws-sdk-php@3.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/52766?format=api", "purl": "pkg:composer/doctrine/annotations@1.2.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/annotations@1.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/52753?format=api", "purl": "pkg:composer/doctrine/cache@1.3.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/cache@1.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/52754?format=api", "purl": "pkg:composer/doctrine/cache@1.4.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/cache@1.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/52764?format=api", "purl": "pkg:composer/doctrine/common@2.4.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/common@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/52765?format=api", "purl": "pkg:composer/doctrine/common@2.5.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/common@2.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/52769?format=api", "purl": "pkg:composer/doctrine/doctrine-bundle@1.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/doctrine-bundle@1.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/52759?format=api", "purl": "pkg:composer/doctrine/mongodb-odm@1.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/mongodb-odm@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/52750?format=api", "purl": "pkg:composer/doctrine/mongodb-odm-bundle@3.0.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/mongodb-odm-bundle@3.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/52761?format=api", "purl": "pkg:composer/doctrine/orm@2.4.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/orm@2.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/52762?format=api", "purl": "pkg:composer/doctrine/orm@2.5.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/orm@2.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/52756?format=api", "purl": "pkg:composer/zendframework/zend-cache@2.4.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-cache@2.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/52757?format=api", "purl": "pkg:composer/zendframework/zend-cache@2.5.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-cache@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/52770?format=api", "purl": "pkg:composer/zendframework/zendframework@2.4.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zendframework@2.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/52374?format=api", "purl": "pkg:composer/zendframework/zendframework1@1.12.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zendframework1@1.12.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/52751?format=api", "purl": "pkg:composer/zfcampus/zf-apigility-doctrine@1.0.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/zfcampus/zf-apigility-doctrine@1.0.3" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52767?format=api", "purl": "pkg:composer/aws/aws-sdk-php@3.0.0-stable", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q74z-645k-c7dk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/aws/aws-sdk-php@3.0.0-stable" }, { "url": "http://public2.vulnerablecode.io/api/packages/52752?format=api", "purl": "pkg:composer/doctrine/cache@1.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q74z-645k-c7dk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/cache@1.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/52763?format=api", "purl": "pkg:composer/doctrine/common@2.5.0-stable", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q74z-645k-c7dk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/common@2.5.0-stable" }, { "url": "http://public2.vulnerablecode.io/api/packages/52758?format=api", "purl": "pkg:composer/doctrine/mongodb-odm@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q74z-645k-c7dk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/mongodb-odm@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/51214?format=api", "purl": "pkg:composer/doctrine/orm@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-h4nz-j2pd-n3e7" }, { "vulnerability": "VCID-q74z-645k-c7dk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/orm@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/52760?format=api", "purl": "pkg:composer/doctrine/orm@2.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q74z-645k-c7dk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/doctrine/orm@2.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/52755?format=api", "purl": "pkg:composer/zendframework/zend-cache@2.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q74z-645k-c7dk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zend-cache@2.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/51134?format=api", "purl": "pkg:composer/zendframework/zendframework1@1.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ncq-wptr-k3ha" }, { "vulnerability": "VCID-5bm4-grk6-w7hk" }, { "vulnerability": "VCID-6xpr-93ef-27cu" }, { "vulnerability": "VCID-8atm-865q-mkf3" }, { "vulnerability": "VCID-a72a-7k6u-rqgr" }, { "vulnerability": "VCID-afnn-53q5-wqft" }, { "vulnerability": "VCID-cp1a-fprd-9fhk" }, { "vulnerability": "VCID-grk8-aj34-hqb4" }, { "vulnerability": "VCID-n2gy-93nd-gber" }, { "vulnerability": "VCID-q74z-645k-c7dk" }, { "vulnerability": "VCID-r5y8-nc2w-kqde" }, { "vulnerability": "VCID-uvgx-4m6v-2bg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/zendframework/zendframework1@1.12.0" } ], "references": [ { "reference_url": "http://framework.zend.com/security/advisory/ZF2015-07", "reference_id": "", "reference_type": "", "scores": [], "url": "http://framework.zend.com/security/advisory/ZF2015-07" }, { "reference_url": "https://github.com/aws/aws-sdk-php/releases/tag/3.2.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/aws/aws-sdk-php/releases/tag/3.2.1" }, { "reference_url": "https://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html" }, { "reference_url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-5723", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-5723" }, { "reference_url": "http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 264, "name": "Permissions, Privileges, and Access Controls", "description": "Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q74z-645k-c7dk" }