Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-zru2-9g25-77dc
Summary
TYPO3 Frontend vulnerable to Unauthenticated Path Disclosure
It has been discovered, that calling a PHP script which is delivered with TYPO3 for testing purposes, discloses the absolute server path to the TYPO3 installation.
Aliases
0
alias GHSA-pqfv-97hj-g97g
Fixed_packages
0
url pkg:composer/typo3/cms@6.2.15
purl pkg:composer/typo3/cms@6.2.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1efr-h9gq-r7h1
1
vulnerability VCID-2r7u-mc45-8yhe
2
vulnerability VCID-39jx-muqb-nkfq
3
vulnerability VCID-5dxs-cdht-27hw
4
vulnerability VCID-5hm4-ms5p-uuae
5
vulnerability VCID-727q-h3ey-6yc9
6
vulnerability VCID-8jcy-3kje-fqeh
7
vulnerability VCID-8p64-6zpt-t3av
8
vulnerability VCID-8vum-snng-jfcv
9
vulnerability VCID-ansr-8m5j-pya6
10
vulnerability VCID-dd9u-w2y2-87h9
11
vulnerability VCID-dw8z-wtph-skey
12
vulnerability VCID-e82x-2cdb-7fgn
13
vulnerability VCID-ebku-sk43-m7bf
14
vulnerability VCID-eutz-mj58-audb
15
vulnerability VCID-ev4k-5k1d-2bhu
16
vulnerability VCID-exjy-5cyn-zfg1
17
vulnerability VCID-fqkx-v8t5-q3h6
18
vulnerability VCID-g9ns-sxkx-aqh1
19
vulnerability VCID-h217-xe8x-nua3
20
vulnerability VCID-h7hf-sf2q-73ay
21
vulnerability VCID-huxd-2e6q-abak
22
vulnerability VCID-hzma-cduk-3uhp
23
vulnerability VCID-jeqr-9tfu-f7b2
24
vulnerability VCID-kj76-rsr8-yqb3
25
vulnerability VCID-kqu8-8c1n-73hr
26
vulnerability VCID-ks1q-a8x2-uqht
27
vulnerability VCID-m3nc-xbb4-yubr
28
vulnerability VCID-n18b-qe5x-z7cj
29
vulnerability VCID-n326-yy8y-xuap
30
vulnerability VCID-nhjv-nke2-2kf8
31
vulnerability VCID-nqqc-nkwq-rqhx
32
vulnerability VCID-p7gd-anw2-1qbz
33
vulnerability VCID-s97a-nmk8-y3ay
34
vulnerability VCID-sn8n-mawq-3uht
35
vulnerability VCID-tgyt-axv1-c7ag
36
vulnerability VCID-u4tq-8qnk-5fd7
37
vulnerability VCID-u6h1-ccgw-jqds
38
vulnerability VCID-ub3e-hrb1-wqac
39
vulnerability VCID-vq15-t92r-5bhx
40
vulnerability VCID-wk4s-4bcd-2yb5
41
vulnerability VCID-wms8-dnuz-b3hc
42
vulnerability VCID-xw1s-93bu-wuh9
43
vulnerability VCID-y1ap-y4az-x7ec
44
vulnerability VCID-yn6z-9v7k-x7br
45
vulnerability VCID-zrz3-3dnf-tbay
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.15
1
url pkg:composer/typo3/cms@7.4.0
purl pkg:composer/typo3/cms@7.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ugj-6m1e-e3hr
1
vulnerability VCID-5hm4-ms5p-uuae
2
vulnerability VCID-8jcy-3kje-fqeh
3
vulnerability VCID-953t-q1cr-zyd6
4
vulnerability VCID-abjx-8v46-d7d8
5
vulnerability VCID-ansr-8m5j-pya6
6
vulnerability VCID-dsqm-9q3e-dudw
7
vulnerability VCID-e82x-2cdb-7fgn
8
vulnerability VCID-ev4k-5k1d-2bhu
9
vulnerability VCID-fdnw-2tz5-4fdr
10
vulnerability VCID-fqkx-v8t5-q3h6
11
vulnerability VCID-hp99-ncuh-6ugv
12
vulnerability VCID-jp1p-rfxa-hyd9
13
vulnerability VCID-jq5y-7h9g-mufa
14
vulnerability VCID-n18b-qe5x-z7cj
15
vulnerability VCID-nhjv-nke2-2kf8
16
vulnerability VCID-njsj-bwjq-fyap
17
vulnerability VCID-p7gd-anw2-1qbz
18
vulnerability VCID-u6h1-ccgw-jqds
19
vulnerability VCID-ub3e-hrb1-wqac
20
vulnerability VCID-vq15-t92r-5bhx
21
vulnerability VCID-wms8-dnuz-b3hc
22
vulnerability VCID-xw1s-93bu-wuh9
23
vulnerability VCID-yz6t-ge1y-qfgr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.4.0
Affected_packages
0
url pkg:composer/typo3/cms@6.2.0
purl pkg:composer/typo3/cms@6.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1efr-h9gq-r7h1
1
vulnerability VCID-1u4r-r97q-3yfk
2
vulnerability VCID-2r7u-mc45-8yhe
3
vulnerability VCID-39jx-muqb-nkfq
4
vulnerability VCID-3ump-aca5-g7b6
5
vulnerability VCID-4fse-74hb-x3c9
6
vulnerability VCID-4wnp-gusy-43b8
7
vulnerability VCID-5dxs-cdht-27hw
8
vulnerability VCID-5hm4-ms5p-uuae
9
vulnerability VCID-5ppx-p8eq-mbgk
10
vulnerability VCID-5ru2-1n1f-afa4
11
vulnerability VCID-6su8-bbrw-hbhp
12
vulnerability VCID-6u6t-uy5y-5fd6
13
vulnerability VCID-727q-h3ey-6yc9
14
vulnerability VCID-7n9x-c9gs-9yb3
15
vulnerability VCID-83y4-7q4j-h7f8
16
vulnerability VCID-88un-etsg-2qas
17
vulnerability VCID-8jcy-3kje-fqeh
18
vulnerability VCID-8p64-6zpt-t3av
19
vulnerability VCID-8vum-snng-jfcv
20
vulnerability VCID-95wn-6r9b-q7et
21
vulnerability VCID-9899-uxyb-73gg
22
vulnerability VCID-a1kt-str6-rqec
23
vulnerability VCID-ansr-8m5j-pya6
24
vulnerability VCID-bstt-ybrs-5ua3
25
vulnerability VCID-c57c-akce-xufq
26
vulnerability VCID-cgqm-1wwf-kbg6
27
vulnerability VCID-dd9u-w2y2-87h9
28
vulnerability VCID-dw8z-wtph-skey
29
vulnerability VCID-dwjk-7sqh-hqa8
30
vulnerability VCID-dyhd-5p1e-fya6
31
vulnerability VCID-e1gr-txgg-fqa6
32
vulnerability VCID-e1ms-4r4s-g7e7
33
vulnerability VCID-e2bk-pfbe-puek
34
vulnerability VCID-e82x-2cdb-7fgn
35
vulnerability VCID-ebku-sk43-m7bf
36
vulnerability VCID-ec17-eauu-67d3
37
vulnerability VCID-ekvp-u4kk-kqdd
38
vulnerability VCID-eutz-mj58-audb
39
vulnerability VCID-ev4k-5k1d-2bhu
40
vulnerability VCID-exjy-5cyn-zfg1
41
vulnerability VCID-fgn1-hswd-ekdf
42
vulnerability VCID-fgqa-5fx9-nkaz
43
vulnerability VCID-fqkx-v8t5-q3h6
44
vulnerability VCID-g7mm-vjbw-bbhd
45
vulnerability VCID-g9ns-sxkx-aqh1
46
vulnerability VCID-gbdn-7ce2-zuf7
47
vulnerability VCID-h217-xe8x-nua3
48
vulnerability VCID-h7hf-sf2q-73ay
49
vulnerability VCID-huxd-2e6q-abak
50
vulnerability VCID-hzma-cduk-3uhp
51
vulnerability VCID-j6x1-dfre-2bdq
52
vulnerability VCID-jenc-czvj-g3gw
53
vulnerability VCID-jeqr-9tfu-f7b2
54
vulnerability VCID-jf28-91be-6kbr
55
vulnerability VCID-jmea-qzsr-wkf4
56
vulnerability VCID-jn38-wfec-7bb2
57
vulnerability VCID-jx9x-wxwq-5khx
58
vulnerability VCID-kj76-rsr8-yqb3
59
vulnerability VCID-kp2p-nbmg-ufen
60
vulnerability VCID-kqu8-8c1n-73hr
61
vulnerability VCID-ks1q-a8x2-uqht
62
vulnerability VCID-m3nc-xbb4-yubr
63
vulnerability VCID-n18b-qe5x-z7cj
64
vulnerability VCID-n326-yy8y-xuap
65
vulnerability VCID-nhjv-nke2-2kf8
66
vulnerability VCID-nqqc-nkwq-rqhx
67
vulnerability VCID-nvbp-pbjw-3qgx
68
vulnerability VCID-p7gd-anw2-1qbz
69
vulnerability VCID-q5f3-nhjn-hyb4
70
vulnerability VCID-qek9-g3h8-nfdz
71
vulnerability VCID-r6hu-hvdh-abb1
72
vulnerability VCID-rae3-cugy-hbh5
73
vulnerability VCID-rm7r-1pqj-3fbs
74
vulnerability VCID-s4re-vww7-sugb
75
vulnerability VCID-s97a-nmk8-y3ay
76
vulnerability VCID-sdz8-hju8-4bcb
77
vulnerability VCID-sn8n-mawq-3uht
78
vulnerability VCID-tgyt-axv1-c7ag
79
vulnerability VCID-u37d-tqqe-n7d4
80
vulnerability VCID-u4tq-8qnk-5fd7
81
vulnerability VCID-u6h1-ccgw-jqds
82
vulnerability VCID-ub3e-hrb1-wqac
83
vulnerability VCID-v2qy-dbf2-bffn
84
vulnerability VCID-vq15-t92r-5bhx
85
vulnerability VCID-w58p-3wg1-7ycr
86
vulnerability VCID-w65h-8a9d-ckgj
87
vulnerability VCID-wk4s-4bcd-2yb5
88
vulnerability VCID-wms8-dnuz-b3hc
89
vulnerability VCID-x175-xjek-97ds
90
vulnerability VCID-xpxg-qq49-b7fd
91
vulnerability VCID-xt7m-u9eb-fyd9
92
vulnerability VCID-xw1s-93bu-wuh9
93
vulnerability VCID-y1ap-y4az-x7ec
94
vulnerability VCID-yn6z-9v7k-x7br
95
vulnerability VCID-yphc-ujay-7fcs
96
vulnerability VCID-ys6f-g39p-fkfc
97
vulnerability VCID-zhvz-jzf3-2uac
98
vulnerability VCID-zpxz-291y-x3c7
99
vulnerability VCID-zqe5-53je-mfaw
100
vulnerability VCID-zru2-9g25-77dc
101
vulnerability VCID-zrz3-3dnf-tbay
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.0
1
url pkg:composer/typo3/cms@7.0.0
purl pkg:composer/typo3/cms@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1u4r-r97q-3yfk
1
vulnerability VCID-28fn-ncj5-2ufk
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-5ru2-1n1f-afa4
5
vulnerability VCID-66kh-c1dm-8fbf
6
vulnerability VCID-6u6t-uy5y-5fd6
7
vulnerability VCID-7n9x-c9gs-9yb3
8
vulnerability VCID-953t-q1cr-zyd6
9
vulnerability VCID-9899-uxyb-73gg
10
vulnerability VCID-abjx-8v46-d7d8
11
vulnerability VCID-ansr-8m5j-pya6
12
vulnerability VCID-c57c-akce-xufq
13
vulnerability VCID-cgqm-1wwf-kbg6
14
vulnerability VCID-dsqm-9q3e-dudw
15
vulnerability VCID-dwjk-7sqh-hqa8
16
vulnerability VCID-dyhd-5p1e-fya6
17
vulnerability VCID-e1gr-txgg-fqa6
18
vulnerability VCID-e1ms-4r4s-g7e7
19
vulnerability VCID-e2bk-pfbe-puek
20
vulnerability VCID-e82x-2cdb-7fgn
21
vulnerability VCID-ec17-eauu-67d3
22
vulnerability VCID-ev4k-5k1d-2bhu
23
vulnerability VCID-fdnw-2tz5-4fdr
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-gpv4-4tpd-tbaa
26
vulnerability VCID-hp99-ncuh-6ugv
27
vulnerability VCID-hyx9-8ae6-sba8
28
vulnerability VCID-j6x1-dfre-2bdq
29
vulnerability VCID-jp1p-rfxa-hyd9
30
vulnerability VCID-jq5y-7h9g-mufa
31
vulnerability VCID-jwb1-3sbg-kfa5
32
vulnerability VCID-jx9x-wxwq-5khx
33
vulnerability VCID-n18b-qe5x-z7cj
34
vulnerability VCID-nhjv-nke2-2kf8
35
vulnerability VCID-njsj-bwjq-fyap
36
vulnerability VCID-nqqc-nkwq-rqhx
37
vulnerability VCID-p576-w7dd-p3h7
38
vulnerability VCID-p7gd-anw2-1qbz
39
vulnerability VCID-q5f3-nhjn-hyb4
40
vulnerability VCID-qcnh-z4zh-myaw
41
vulnerability VCID-qek9-g3h8-nfdz
42
vulnerability VCID-r6hu-hvdh-abb1
43
vulnerability VCID-rae3-cugy-hbh5
44
vulnerability VCID-teby-zvvw-zkhv
45
vulnerability VCID-u6h1-ccgw-jqds
46
vulnerability VCID-ub3e-hrb1-wqac
47
vulnerability VCID-uq77-aax5-k7d8
48
vulnerability VCID-vq15-t92r-5bhx
49
vulnerability VCID-w65h-8a9d-ckgj
50
vulnerability VCID-wms8-dnuz-b3hc
51
vulnerability VCID-xvyu-2hb8-8ufh
52
vulnerability VCID-xw1s-93bu-wuh9
53
vulnerability VCID-ys6f-g39p-fkfc
54
vulnerability VCID-yz6t-ge1y-qfgr
55
vulnerability VCID-zru2-9g25-77dc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.0
References
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2015-09-08-1.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2015-09-08-1.yaml
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://github.com/TYPO3/typo3/commit/ed1e46f89c8e5f699ced245e873d0eff21e5c75e
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/ed1e46f89c8e5f699ced245e873d0eff21e5c75e
3
reference_url https://typo3.org/security/advisory/typo3-core-sa-2015-008
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2015-008
4
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-008
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-008
5
reference_url https://github.com/advisories/GHSA-pqfv-97hj-g97g
reference_id GHSA-pqfv-97hj-g97g
reference_type
scores
url https://github.com/advisories/GHSA-pqfv-97hj-g97g
Weaknesses
0
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-zru2-9g25-77dc