Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-a1kt-str6-rqec
Summary
TYPO3 Arbitrary Shell Execution in Swiftmailer library
The swiftmailer library in use allows to execute arbitrary shell commands if the "From" header comes from a non-trusted source and no "Return-Path" is configured. Affected are only TYPO3 installation the configuration option
```
$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport']
```
is set to "sendmail". Installations with the default configuration are not affected.
Aliases
0
alias GHSA-45xg-4w5x-j429
Fixed_packages
0
url pkg:composer/typo3/cms@6.2.6
purl pkg:composer/typo3/cms@6.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1efr-h9gq-r7h1
1
vulnerability VCID-1u4r-r97q-3yfk
2
vulnerability VCID-2r7u-mc45-8yhe
3
vulnerability VCID-39jx-muqb-nkfq
4
vulnerability VCID-5dxs-cdht-27hw
5
vulnerability VCID-5hm4-ms5p-uuae
6
vulnerability VCID-6u6t-uy5y-5fd6
7
vulnerability VCID-727q-h3ey-6yc9
8
vulnerability VCID-7n9x-c9gs-9yb3
9
vulnerability VCID-8jcy-3kje-fqeh
10
vulnerability VCID-8p64-6zpt-t3av
11
vulnerability VCID-8vum-snng-jfcv
12
vulnerability VCID-ansr-8m5j-pya6
13
vulnerability VCID-c57c-akce-xufq
14
vulnerability VCID-dd9u-w2y2-87h9
15
vulnerability VCID-dw8z-wtph-skey
16
vulnerability VCID-dwjk-7sqh-hqa8
17
vulnerability VCID-e1gr-txgg-fqa6
18
vulnerability VCID-e82x-2cdb-7fgn
19
vulnerability VCID-ebku-sk43-m7bf
20
vulnerability VCID-ec17-eauu-67d3
21
vulnerability VCID-eutz-mj58-audb
22
vulnerability VCID-ev4k-5k1d-2bhu
23
vulnerability VCID-exjy-5cyn-zfg1
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-g9ns-sxkx-aqh1
26
vulnerability VCID-h217-xe8x-nua3
27
vulnerability VCID-h7hf-sf2q-73ay
28
vulnerability VCID-huxd-2e6q-abak
29
vulnerability VCID-hzma-cduk-3uhp
30
vulnerability VCID-j6x1-dfre-2bdq
31
vulnerability VCID-jeqr-9tfu-f7b2
32
vulnerability VCID-jx9x-wxwq-5khx
33
vulnerability VCID-kj76-rsr8-yqb3
34
vulnerability VCID-kqu8-8c1n-73hr
35
vulnerability VCID-ks1q-a8x2-uqht
36
vulnerability VCID-m3nc-xbb4-yubr
37
vulnerability VCID-n18b-qe5x-z7cj
38
vulnerability VCID-n326-yy8y-xuap
39
vulnerability VCID-nhjv-nke2-2kf8
40
vulnerability VCID-nqqc-nkwq-rqhx
41
vulnerability VCID-p7gd-anw2-1qbz
42
vulnerability VCID-q5f3-nhjn-hyb4
43
vulnerability VCID-rae3-cugy-hbh5
44
vulnerability VCID-s97a-nmk8-y3ay
45
vulnerability VCID-sn8n-mawq-3uht
46
vulnerability VCID-tgyt-axv1-c7ag
47
vulnerability VCID-u4tq-8qnk-5fd7
48
vulnerability VCID-u6h1-ccgw-jqds
49
vulnerability VCID-ub3e-hrb1-wqac
50
vulnerability VCID-vq15-t92r-5bhx
51
vulnerability VCID-wk4s-4bcd-2yb5
52
vulnerability VCID-wms8-dnuz-b3hc
53
vulnerability VCID-xw1s-93bu-wuh9
54
vulnerability VCID-y1ap-y4az-x7ec
55
vulnerability VCID-yn6z-9v7k-x7br
56
vulnerability VCID-zrz3-3dnf-tbay
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.6
Affected_packages
0
url pkg:composer/typo3/cms@4.5.0
purl pkg:composer/typo3/cms@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1txa-3guj-4fe2
1
vulnerability VCID-2rb1-4nfa-sba1
2
vulnerability VCID-531r-qzmx-1yfa
3
vulnerability VCID-75xh-4935-mqa9
4
vulnerability VCID-88un-etsg-2qas
5
vulnerability VCID-a1kt-str6-rqec
6
vulnerability VCID-ae89-sz78-kydg
7
vulnerability VCID-bdx9-qjnn-ybbh
8
vulnerability VCID-brj5-1b16-fbb2
9
vulnerability VCID-e958-8xq7-1qh4
10
vulnerability VCID-eku4-xr4n-vbg8
11
vulnerability VCID-etsd-q5s7-2qcy
12
vulnerability VCID-mebb-nda6-fbfk
13
vulnerability VCID-nx7p-v66a-vfg1
14
vulnerability VCID-ra42-mjmq-cfa6
15
vulnerability VCID-uqt6-d8qh-vbcr
16
vulnerability VCID-wasp-gawc-cbca
17
vulnerability VCID-yphc-ujay-7fcs
18
vulnerability VCID-zqe5-53je-mfaw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.0
1
url pkg:composer/typo3/cms@4.7.0
purl pkg:composer/typo3/cms@4.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-88un-etsg-2qas
1
vulnerability VCID-a1kt-str6-rqec
2
vulnerability VCID-mebb-nda6-fbfk
3
vulnerability VCID-nx7p-v66a-vfg1
4
vulnerability VCID-ra42-mjmq-cfa6
5
vulnerability VCID-wasp-gawc-cbca
6
vulnerability VCID-yphc-ujay-7fcs
7
vulnerability VCID-zqe5-53je-mfaw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.7.0
2
url pkg:composer/typo3/cms@6.1.0
purl pkg:composer/typo3/cms@6.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-88un-etsg-2qas
1
vulnerability VCID-a1kt-str6-rqec
2
vulnerability VCID-nx7p-v66a-vfg1
3
vulnerability VCID-wasp-gawc-cbca
4
vulnerability VCID-yphc-ujay-7fcs
5
vulnerability VCID-zqe5-53je-mfaw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.0
3
url pkg:composer/typo3/cms@6.2.0
purl pkg:composer/typo3/cms@6.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1efr-h9gq-r7h1
1
vulnerability VCID-1u4r-r97q-3yfk
2
vulnerability VCID-2r7u-mc45-8yhe
3
vulnerability VCID-39jx-muqb-nkfq
4
vulnerability VCID-3ump-aca5-g7b6
5
vulnerability VCID-4fse-74hb-x3c9
6
vulnerability VCID-4wnp-gusy-43b8
7
vulnerability VCID-5dxs-cdht-27hw
8
vulnerability VCID-5hm4-ms5p-uuae
9
vulnerability VCID-5ppx-p8eq-mbgk
10
vulnerability VCID-5ru2-1n1f-afa4
11
vulnerability VCID-6su8-bbrw-hbhp
12
vulnerability VCID-6u6t-uy5y-5fd6
13
vulnerability VCID-727q-h3ey-6yc9
14
vulnerability VCID-7n9x-c9gs-9yb3
15
vulnerability VCID-83y4-7q4j-h7f8
16
vulnerability VCID-88un-etsg-2qas
17
vulnerability VCID-8jcy-3kje-fqeh
18
vulnerability VCID-8p64-6zpt-t3av
19
vulnerability VCID-8vum-snng-jfcv
20
vulnerability VCID-95wn-6r9b-q7et
21
vulnerability VCID-9899-uxyb-73gg
22
vulnerability VCID-a1kt-str6-rqec
23
vulnerability VCID-ansr-8m5j-pya6
24
vulnerability VCID-bstt-ybrs-5ua3
25
vulnerability VCID-c57c-akce-xufq
26
vulnerability VCID-cgqm-1wwf-kbg6
27
vulnerability VCID-dd9u-w2y2-87h9
28
vulnerability VCID-dw8z-wtph-skey
29
vulnerability VCID-dwjk-7sqh-hqa8
30
vulnerability VCID-dyhd-5p1e-fya6
31
vulnerability VCID-e1gr-txgg-fqa6
32
vulnerability VCID-e1ms-4r4s-g7e7
33
vulnerability VCID-e2bk-pfbe-puek
34
vulnerability VCID-e82x-2cdb-7fgn
35
vulnerability VCID-ebku-sk43-m7bf
36
vulnerability VCID-ec17-eauu-67d3
37
vulnerability VCID-ekvp-u4kk-kqdd
38
vulnerability VCID-eutz-mj58-audb
39
vulnerability VCID-ev4k-5k1d-2bhu
40
vulnerability VCID-exjy-5cyn-zfg1
41
vulnerability VCID-fgn1-hswd-ekdf
42
vulnerability VCID-fgqa-5fx9-nkaz
43
vulnerability VCID-fqkx-v8t5-q3h6
44
vulnerability VCID-g7mm-vjbw-bbhd
45
vulnerability VCID-g9ns-sxkx-aqh1
46
vulnerability VCID-gbdn-7ce2-zuf7
47
vulnerability VCID-h217-xe8x-nua3
48
vulnerability VCID-h7hf-sf2q-73ay
49
vulnerability VCID-huxd-2e6q-abak
50
vulnerability VCID-hzma-cduk-3uhp
51
vulnerability VCID-j6x1-dfre-2bdq
52
vulnerability VCID-jenc-czvj-g3gw
53
vulnerability VCID-jeqr-9tfu-f7b2
54
vulnerability VCID-jf28-91be-6kbr
55
vulnerability VCID-jmea-qzsr-wkf4
56
vulnerability VCID-jn38-wfec-7bb2
57
vulnerability VCID-jx9x-wxwq-5khx
58
vulnerability VCID-kj76-rsr8-yqb3
59
vulnerability VCID-kp2p-nbmg-ufen
60
vulnerability VCID-kqu8-8c1n-73hr
61
vulnerability VCID-ks1q-a8x2-uqht
62
vulnerability VCID-m3nc-xbb4-yubr
63
vulnerability VCID-n18b-qe5x-z7cj
64
vulnerability VCID-n326-yy8y-xuap
65
vulnerability VCID-nhjv-nke2-2kf8
66
vulnerability VCID-nqqc-nkwq-rqhx
67
vulnerability VCID-nvbp-pbjw-3qgx
68
vulnerability VCID-p7gd-anw2-1qbz
69
vulnerability VCID-q5f3-nhjn-hyb4
70
vulnerability VCID-qek9-g3h8-nfdz
71
vulnerability VCID-r6hu-hvdh-abb1
72
vulnerability VCID-rae3-cugy-hbh5
73
vulnerability VCID-rm7r-1pqj-3fbs
74
vulnerability VCID-s4re-vww7-sugb
75
vulnerability VCID-s97a-nmk8-y3ay
76
vulnerability VCID-sdz8-hju8-4bcb
77
vulnerability VCID-sn8n-mawq-3uht
78
vulnerability VCID-tgyt-axv1-c7ag
79
vulnerability VCID-u37d-tqqe-n7d4
80
vulnerability VCID-u4tq-8qnk-5fd7
81
vulnerability VCID-u6h1-ccgw-jqds
82
vulnerability VCID-ub3e-hrb1-wqac
83
vulnerability VCID-v2qy-dbf2-bffn
84
vulnerability VCID-vq15-t92r-5bhx
85
vulnerability VCID-w58p-3wg1-7ycr
86
vulnerability VCID-w65h-8a9d-ckgj
87
vulnerability VCID-wk4s-4bcd-2yb5
88
vulnerability VCID-wms8-dnuz-b3hc
89
vulnerability VCID-x175-xjek-97ds
90
vulnerability VCID-xpxg-qq49-b7fd
91
vulnerability VCID-xt7m-u9eb-fyd9
92
vulnerability VCID-xw1s-93bu-wuh9
93
vulnerability VCID-y1ap-y4az-x7ec
94
vulnerability VCID-yn6z-9v7k-x7br
95
vulnerability VCID-yphc-ujay-7fcs
96
vulnerability VCID-ys6f-g39p-fkfc
97
vulnerability VCID-zhvz-jzf3-2uac
98
vulnerability VCID-zpxz-291y-x3c7
99
vulnerability VCID-zqe5-53je-mfaw
100
vulnerability VCID-zru2-9g25-77dc
101
vulnerability VCID-zrz3-3dnf-tbay
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.0
References
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2014-10-22-2.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2014-10-22-2.yaml
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://github.com/TYPO3/typo3/commit/313c4bba53dd78803a9ee97c1f6f1d450a521521
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/313c4bba53dd78803a9ee97c1f6f1d450a521521
3
reference_url https://github.com/TYPO3/typo3/commit/6af37574e063929eaab066dd9920b1fa8815da12
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/6af37574e063929eaab066dd9920b1fa8815da12
4
reference_url https://github.com/TYPO3/typo3/commit/dbdd9f22b7cebf43f2e4abdb2a6a8a9f32af8f61
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/dbdd9f22b7cebf43f2e4abdb2a6a8a9f32af8f61
5
reference_url https://github.com/TYPO3/typo3/commit/ead183c5acf25b7e1121adee5a5860bd9b5f05a2
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/ead183c5acf25b7e1121adee5a5860bd9b5f05a2
6
reference_url https://typo3.org/security/advisory/typo3-core-sa-2014-002
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2014-002
7
reference_url https://github.com/advisories/GHSA-45xg-4w5x-j429
reference_id GHSA-45xg-4w5x-j429
reference_type
scores
url https://github.com/advisories/GHSA-45xg-4w5x-j429
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-a1kt-str6-rqec