Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/51285?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51285?format=api", "vulnerability_id": "VCID-4u2v-fy8u-vqbh", "summary": "Cross-Site Request Forgery in Spina\nA vulnerability classified as problematic was found in\nSpina CMS 2.18.0.\n\nAffected by this vulnerability is an unknown functionality\nof the file /admin/media_folders.\n\nThe manipulation leads to cross-site request forgery.\nThe attack can be launched remotely.\n\nThe exploit has been disclosed to the public and may be used.\n\nThe associated identifier of this vulnerability is VDB-272431.\n\nNOTE: The vendor was contacted early about this disclosure\nbut did not respond in any way.", "aliases": [ { "alias": "CVE-2024-7106" }, { "alias": "GHSA-wqw3-p83g-r24v" } ], "fixed_packages": [], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/194488?format=api", "purl": "pkg:gem/spina@0.6.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/194489?format=api", "purl": "pkg:gem/spina@0.6.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/194490?format=api", "purl": "pkg:gem/spina@0.6.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/194491?format=api", "purl": "pkg:gem/spina@0.6.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/194492?format=api", "purl": "pkg:gem/spina@0.6.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/194493?format=api", "purl": "pkg:gem/spina@0.6.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/194494?format=api", "purl": "pkg:gem/spina@0.6.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/194495?format=api", "purl": "pkg:gem/spina@0.6.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/194496?format=api", "purl": "pkg:gem/spina@0.6.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/194497?format=api", "purl": "pkg:gem/spina@0.6.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/194498?format=api", "purl": "pkg:gem/spina@0.6.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/194499?format=api", "purl": "pkg:gem/spina@0.6.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/194500?format=api", "purl": "pkg:gem/spina@0.6.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/194501?format=api", "purl": "pkg:gem/spina@0.6.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/194502?format=api", "purl": "pkg:gem/spina@0.6.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/194503?format=api", "purl": "pkg:gem/spina@0.6.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.26" }, { "url": "http://public2.vulnerablecode.io/api/packages/194504?format=api", "purl": "pkg:gem/spina@0.6.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/194505?format=api", "purl": "pkg:gem/spina@0.6.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" }, { "vulnerability": "VCID-5zzh-vq9s-hfbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/54057?format=api", "purl": "pkg:gem/spina@0.6.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.6.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/194506?format=api", "purl": "pkg:gem/spina@0.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194507?format=api", "purl": "pkg:gem/spina@0.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.7.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194508?format=api", "purl": "pkg:gem/spina@0.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.7.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/194509?format=api", "purl": "pkg:gem/spina@0.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194510?format=api", "purl": "pkg:gem/spina@0.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194511?format=api", "purl": "pkg:gem/spina@0.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194512?format=api", "purl": "pkg:gem/spina@0.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/194513?format=api", "purl": "pkg:gem/spina@0.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194514?format=api", "purl": "pkg:gem/spina@0.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194515?format=api", "purl": "pkg:gem/spina@0.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194516?format=api", "purl": "pkg:gem/spina@0.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194517?format=api", "purl": "pkg:gem/spina@0.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@0.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194518?format=api", "purl": "pkg:gem/spina@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194519?format=api", "purl": "pkg:gem/spina@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194520?format=api", "purl": "pkg:gem/spina@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194521?format=api", "purl": "pkg:gem/spina@1.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@1.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/194522?format=api", "purl": "pkg:gem/spina@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194523?format=api", "purl": "pkg:gem/spina@1.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@1.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194524?format=api", "purl": "pkg:gem/spina@1.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@1.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194525?format=api", "purl": "pkg:gem/spina@1.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@1.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/194526?format=api", "purl": "pkg:gem/spina@1.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@1.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/194527?format=api", "purl": "pkg:gem/spina@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@1.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194528?format=api", "purl": "pkg:gem/spina@2.0.0.alpha", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.0.0.alpha" }, { "url": "http://public2.vulnerablecode.io/api/packages/194529?format=api", "purl": "pkg:gem/spina@2.0.0.beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.0.0.beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/194530?format=api", "purl": "pkg:gem/spina@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194531?format=api", "purl": "pkg:gem/spina@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194532?format=api", "purl": "pkg:gem/spina@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194533?format=api", "purl": "pkg:gem/spina@2.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194534?format=api", "purl": "pkg:gem/spina@2.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194535?format=api", "purl": "pkg:gem/spina@2.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194536?format=api", "purl": "pkg:gem/spina@2.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194537?format=api", "purl": "pkg:gem/spina@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194538?format=api", "purl": "pkg:gem/spina@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194539?format=api", "purl": "pkg:gem/spina@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/194540?format=api", "purl": "pkg:gem/spina@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/194541?format=api", "purl": "pkg:gem/spina@2.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/194542?format=api", "purl": "pkg:gem/spina@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194543?format=api", "purl": "pkg:gem/spina@2.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194544?format=api", "purl": "pkg:gem/spina@2.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194545?format=api", "purl": "pkg:gem/spina@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194546?format=api", "purl": "pkg:gem/spina@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194547?format=api", "purl": "pkg:gem/spina@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194548?format=api", "purl": "pkg:gem/spina@2.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194549?format=api", "purl": "pkg:gem/spina@2.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194550?format=api", "purl": "pkg:gem/spina@2.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194551?format=api", "purl": "pkg:gem/spina@2.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194552?format=api", "purl": "pkg:gem/spina@2.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194553?format=api", "purl": "pkg:gem/spina@2.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194554?format=api", "purl": "pkg:gem/spina@2.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194555?format=api", "purl": "pkg:gem/spina@2.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194556?format=api", "purl": "pkg:gem/spina@2.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194557?format=api", "purl": "pkg:gem/spina@2.14.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.14.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194558?format=api", "purl": "pkg:gem/spina@2.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.15.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/65792?format=api", "purl": "pkg:gem/spina@2.15.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.15.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/194559?format=api", "purl": "pkg:gem/spina@2.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/194560?format=api", "purl": "pkg:gem/spina@2.17.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.17.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/82263?format=api", "purl": "pkg:gem/spina@2.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4u2v-fy8u-vqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/spina@2.18.0" } ], "references": [ { "reference_url": "https://github.com/advisories/GHSA-wqw3-p83g-r24v", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wqw3-p83g-r24v" }, { "reference_url": "https://github.com/SpinaCMS/Spina", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/SpinaCMS/Spina" }, { "reference_url": "https://github.com/topsky979/Security-Collections/blob/main/cve3/README.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:25:03Z/" } ], "url": "https://github.com/topsky979/Security-Collections/blob/main/cve3/README.md" }, { "reference_url": "https://vuldb.com/?ctiid.272431", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:25:03Z/" } ], "url": "https://vuldb.com/?ctiid.272431" }, { "reference_url": "https://vuldb.com/?id.272431", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:25:03Z/" } ], "url": "https://vuldb.com/?id.272431" }, { "reference_url": "https://vuldb.com/?submit.376769", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:25:03Z/" } ], "url": "https://vuldb.com/?submit.376769" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7106", "reference_id": "CVE-2024-7106", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7106" }, { "reference_url": "https://rubysec.com/advisories/CVE-2024-7106", "reference_id": "CVE-2024-7106", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rubysec.com/advisories/CVE-2024-7106" } ], "weaknesses": [ { "cwe_id": 352, "name": "Cross-Site Request Forgery (CSRF)", "description": "The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4u2v-fy8u-vqbh" }