Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/54440?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54440?format=api", "vulnerability_id": "VCID-phwu-rdm2-ufhr", "summary": "Command Injection\nArbitrary PHP code execution vulnerability in Drupal Core under certain circumstances. An attacker could trick an administrator into visiting a malicious site that could result in creating a carefully named directory on the file system. With this directory in place, an attacker could attempt to brute force a remote code execution vulnerability.", "aliases": [ { "alias": "CVE-2020-13664" }, { "alias": "GHSA-x72f-ggjw-v5xh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80628?format=api", "purl": "pkg:composer/drupal/core@8.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/80629?format=api", "purl": "pkg:composer/drupal/core@8.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/80630?format=api", "purl": "pkg:composer/drupal/core@9.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/80625?format=api", "purl": "pkg:composer/drupal/core-recommended@8.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-wsv7-je8g-sqet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/80626?format=api", "purl": "pkg:composer/drupal/core-recommended@8.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-wsv7-je8g-sqet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/80627?format=api", "purl": "pkg:composer/drupal/core-recommended@9.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-wsv7-je8g-sqet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@9.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/150781?format=api", "purl": "pkg:composer/drupal/drupal@8.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/150782?format=api", "purl": "pkg:composer/drupal/drupal@8.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/150783?format=api", "purl": "pkg:composer/drupal/drupal@9.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.0.1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/76829?format=api", "purl": "pkg:composer/drupal/core@8.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3pj1-y73r-vyhh" }, { "vulnerability": "VCID-4q59-j6u4-qfhk" }, { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67w7-gq9f-ukf1" }, { "vulnerability": "VCID-6s93-1cpz-yyg8" }, { "vulnerability": "VCID-6x4v-da7x-uyhh" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-b266-wste-eqh6" }, { "vulnerability": "VCID-ckvk-xm4a-2qey" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-qwge-qrwn-1faj" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-tp81-dw6e-9qah" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-xv4d-ped2-4udz" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/81348?format=api", "purl": "pkg:composer/drupal/core@8.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-tp81-dw6e-9qah" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/249829?format=api", "purl": "pkg:composer/drupal/core@8.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-tp81-dw6e-9qah" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/249830?format=api", "purl": "pkg:composer/drupal/core@8.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-tp81-dw6e-9qah" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/76831?format=api", "purl": "pkg:composer/drupal/core@8.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/253813?format=api", "purl": "pkg:composer/drupal/core@8.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/77201?format=api", "purl": "pkg:composer/drupal/core@8.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/280794?format=api", "purl": "pkg:composer/drupal/core@8.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/59265?format=api", "purl": "pkg:composer/drupal/core@8.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31qy-vagp-83b6" }, { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-avmn-kqky-83dd" }, { "vulnerability": "VCID-nacy-y1qt-5yhb" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-uq9s-79g7-rqh6" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/59266?format=api", "purl": "pkg:composer/drupal/core@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31qy-vagp-83b6" }, { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-avmn-kqky-83dd" }, { "vulnerability": "VCID-bge7-rqsx-gfee" }, { "vulnerability": "VCID-nacy-y1qt-5yhb" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-tpzm-u3qp-akc8" }, { "vulnerability": "VCID-uq9s-79g7-rqh6" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-zr84-4jzv-2fd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77183?format=api", "purl": "pkg:composer/drupal/core-recommended@8.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-6x4v-da7x-uyhh" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-b266-wste-eqh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-qwge-qrwn-1faj" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-xv4d-ped2-4udz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/253685?format=api", "purl": "pkg:composer/drupal/core-recommended@8.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/253686?format=api", "purl": "pkg:composer/drupal/core-recommended@8.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/253687?format=api", "purl": "pkg:composer/drupal/core-recommended@8.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/253688?format=api", "purl": "pkg:composer/drupal/core-recommended@8.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/253689?format=api", "purl": "pkg:composer/drupal/core-recommended@8.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/77185?format=api", "purl": "pkg:composer/drupal/core-recommended@8.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.8.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/280767?format=api", "purl": "pkg:composer/drupal/core-recommended@8.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/79191?format=api", "purl": "pkg:composer/drupal/core-recommended@8.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/79178?format=api", "purl": "pkg:composer/drupal/core-recommended@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@9.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/76832?format=api", "purl": "pkg:composer/drupal/drupal@8.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dgm-qju3-aqh5" }, { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-6x4v-da7x-uyhh" }, { "vulnerability": "VCID-7n8f-bdkf-sqfu" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-b266-wste-eqh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-n318-rcfy-uybg" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-pxwv-fhy9-ckfm" }, { "vulnerability": "VCID-qwge-qrwn-1faj" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-tcan-28ga-j3h1" }, { "vulnerability": "VCID-tp81-dw6e-9qah" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-xv4d-ped2-4udz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/59238?format=api", "purl": "pkg:composer/drupal/drupal@8.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31qy-vagp-83b6" }, { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-avmn-kqky-83dd" }, { "vulnerability": "VCID-nacy-y1qt-5yhb" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-xz7z-trbh-j7dk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/59239?format=api", "purl": "pkg:composer/drupal/drupal@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2w1s-g91k-xuhj" }, { "vulnerability": "VCID-31qy-vagp-83b6" }, { "vulnerability": "VCID-5jy9-mhbb-nuh7" }, { "vulnerability": "VCID-67da-qxh5-aydx" }, { "vulnerability": "VCID-9dfs-rpqy-6kfa" }, { "vulnerability": "VCID-9rmk-e8zd-9bcw" }, { "vulnerability": "VCID-avmn-kqky-83dd" }, { "vulnerability": "VCID-nacy-y1qt-5yhb" }, { "vulnerability": "VCID-phwu-rdm2-ufhr" }, { "vulnerability": "VCID-sg4r-hncm-dqcq" }, { "vulnerability": "VCID-tpzm-u3qp-akc8" }, { "vulnerability": "VCID-vz31-7246-aken" }, { "vulnerability": "VCID-wsv7-je8g-sqet" }, { "vulnerability": "VCID-x783-ggg8-auck" }, { "vulnerability": "VCID-xz7z-trbh-j7dk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.0.0" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.83862", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.83838", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13664" }, { "reference_url": "https://github.com/drupal/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/drupal/core" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13664.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13664.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13664.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13664.yaml" }, { "reference_url": "https://www.drupal.org/sa-core-2020-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.drupal.org/sa-core-2020-005" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13664", "reference_id": "CVE-2020-13664", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13664" }, { "reference_url": "https://github.com/advisories/GHSA-x72f-ggjw-v5xh", "reference_id": "GHSA-x72f-ggjw-v5xh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x72f-ggjw-v5xh" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 77, "name": "Improper Neutralization of Special Elements used in a Command ('Command Injection')", "description": "The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-phwu-rdm2-ufhr" }