Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-chq1-2qx1-qqe9

Summary

Insecure Deserialization
By-passing Protection of `PharStreamWrapper` Interceptor.

Aliases

alias	2018-10-18-1

Fixed_packages

url pkg:composer/typo3/phar-stream-wrapper@3.0.1

purl pkg:composer/typo3/phar-stream-wrapper@3.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-349d-w26k-mqfw

vulnerability	VCID-ddsb-8rn2-x7gb

vulnerability	VCID-hsez-yx7s-uuhn

vulnerability	VCID-xvf6-5tjp-b7bu

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/phar-stream-wrapper@3.0.1

Affected_packages

url pkg:composer/typo3/phar-stream-wrapper@1.0.0

purl pkg:composer/typo3/phar-stream-wrapper@1.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ehm-4k5n-mkfk

vulnerability	VCID-chq1-2qx1-qqe9

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/phar-stream-wrapper@1.0.0

url pkg:composer/typo3/phar-stream-wrapper@1.0.1

purl pkg:composer/typo3/phar-stream-wrapper@1.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ehm-4k5n-mkfk

vulnerability	VCID-chq1-2qx1-qqe9

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/phar-stream-wrapper@1.0.1

url pkg:composer/typo3/phar-stream-wrapper@1.1.0

purl pkg:composer/typo3/phar-stream-wrapper@1.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ehm-4k5n-mkfk

vulnerability	VCID-chq1-2qx1-qqe9

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/phar-stream-wrapper@1.1.0

url pkg:composer/typo3/phar-stream-wrapper@1.9.9

purl pkg:composer/typo3/phar-stream-wrapper@1.9.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ehm-4k5n-mkfk

vulnerability	VCID-chq1-2qx1-qqe9

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/phar-stream-wrapper@1.9.9

url pkg:composer/typo3/phar-stream-wrapper@2.0.0

purl pkg:composer/typo3/phar-stream-wrapper@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-349d-w26k-mqfw

vulnerability	VCID-4ehm-4k5n-mkfk

vulnerability	VCID-chq1-2qx1-qqe9

vulnerability	VCID-ddsb-8rn2-x7gb

vulnerability	VCID-hsez-yx7s-uuhn

vulnerability	VCID-xvf6-5tjp-b7bu

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/phar-stream-wrapper@2.0.0

url pkg:composer/typo3/phar-stream-wrapper@3.0.0

purl pkg:composer/typo3/phar-stream-wrapper@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-349d-w26k-mqfw

vulnerability	VCID-4ehm-4k5n-mkfk

vulnerability	VCID-chq1-2qx1-qqe9

vulnerability	VCID-ddsb-8rn2-x7gb

vulnerability	VCID-hsez-yx7s-uuhn

vulnerability	VCID-xvf6-5tjp-b7bu

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/phar-stream-wrapper@3.0.0

References

reference_url	https://typo3.org/security/advisory/typo3-psa-2018-001/
reference_id
reference_type
scores
url	https://typo3.org/security/advisory/typo3-psa-2018-001/

Weaknesses

Exploits

Severity_range_score null

Exploitability 0.5

Weighted_severity 0.0

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-chq1-2qx1-qqe9

Vulnerability Instance