Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/cakephp/cakephp@2.6.3
Typecomposer
Namespacecakephp
Namecakephp
Version2.6.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.10.3
Latest_non_vulnerable_version5.3.1
Affected_by_vulnerabilities
0
url VCID-6x9m-nyfs-a7hq
vulnerability_id VCID-6x9m-nyfs-a7hq
summary 
CakePHP vulnerable to Denial of Service attack through XML payloads
RequestHandlerComponent had a vulnerability that would allow well crafted requests to create a denial of service attack. RequestHandlerComponent leverages `Xml::build()` which allows reading local files. We recommend that all applications using RequestHandlerComponent upgrade, or disable parsing XML payloads.
references
0
reference_url https://bakery.cakephp.org/2015/05/28/cakephp_2_6_6_and_3_0_6_released.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://bakery.cakephp.org/2015/05/28/cakephp_2_6_6_and_3_0_6_released.html
1
reference_url https://github.com/cakephp/cakephp
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp
2
reference_url https://github.com/cakephp/cakephp/commit/c186487151356a8d7c6e2cae05f87b9df0e59fbb
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/commit/c186487151356a8d7c6e2cae05f87b9df0e59fbb
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/2015-05-28.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/2015-05-28.yaml
4
reference_url https://github.com/advisories/GHSA-q79m-c546-2g63
reference_id GHSA-q79m-c546-2g63
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q79m-c546-2g63
fixed_packages
0
url pkg:composer/cakephp/cakephp@2.6.6
purl pkg:composer/cakephp/cakephp@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-f8wn-raej-7qg4
4
vulnerability VCID-qun9-tgkq-d7an
5
vulnerability VCID-qzjr-cpgd-uba7
6
vulnerability VCID-s536-vx42-xbhk
7
vulnerability VCID-wyxz-rb2r-zfck
8
vulnerability VCID-zbjb-pafr-uudq
9
vulnerability VCID-zfgg-dd4t-zyhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.6
1
url pkg:composer/cakephp/cakephp@3.0.6
purl pkg:composer/cakephp/cakephp@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-dha1-eyc9-7qff
4
vulnerability VCID-f8wn-raej-7qg4
5
vulnerability VCID-s536-vx42-xbhk
6
vulnerability VCID-zbjb-pafr-uudq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.6
aliases GHSA-q79m-c546-2g63, GMS-2023-71
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6x9m-nyfs-a7hq
1
url VCID-84hg-51gr-2qhx
vulnerability_id VCID-84hg-51gr-2qhx
summary 
Cross-Site Request Forgery (CSRF)
CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the _method parameter.
references
0
reference_url http://bakery.cakephp.org/2015/11/29/cakephp_315_released.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://bakery.cakephp.org/2015/11/29/cakephp_315_released.html
1
reference_url http://blog.mindedsecurity.com/2016/01/request-parameter-method-may-lead-to.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.mindedsecurity.com/2016/01/request-parameter-method-may-lead-to.html
2
reference_url http://karmainsecurity.com/KIS-2016-01
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://karmainsecurity.com/KIS-2016-01
3
reference_url http://packetstormsecurity.com/files/135301/CakePHP-3.2.0-CSRF-Bypass.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/135301/CakePHP-3.2.0-CSRF-Bypass.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8379
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.19059
published_at 2026-06-09T12:55:00Z
1
value 0.0006
scoring_system epss
scoring_elements 0.1908
published_at 2026-06-04T12:55:00Z
2
value 0.0006
scoring_system epss
scoring_elements 0.19154
published_at 2026-06-05T12:55:00Z
3
value 0.0006
scoring_system epss
scoring_elements 0.19151
published_at 2026-06-06T12:55:00Z
4
value 0.0006
scoring_system epss
scoring_elements 0.1911
published_at 2026-06-07T12:55:00Z
5
value 0.0006
scoring_system epss
scoring_elements 0.19038
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8379
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8379
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8379
6
reference_url http://seclists.org/fulldisclosure/2016/Jan/42
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2016/Jan/42
7
reference_url https://github.com/cakephp/cakephp
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp
8
reference_url https://github.com/cakephp/cakephp/commit/0f818a23a876c01429196bf7623e1e94a50230f0
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/commit/0f818a23a876c01429196bf7623e1e94a50230f0
9
reference_url http://www.securityfocus.com/archive/1/537317/100/0/threaded
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/537317/100/0/threaded
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832316
reference_id 832316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832316
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8379
reference_id CVE-2015-8379
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-8379
12
reference_url https://github.com/advisories/GHSA-556q-h4vr-pgh2
reference_id GHSA-556q-h4vr-pgh2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-556q-h4vr-pgh2
fixed_packages
0
url pkg:composer/cakephp/cakephp@3.1.5
purl pkg:composer/cakephp/cakephp@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cp8q-ar71-mqdf
1
vulnerability VCID-dha1-eyc9-7qff
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.1.5
aliases CVE-2015-8379, GHSA-556q-h4vr-pgh2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84hg-51gr-2qhx
2
url VCID-cp8q-ar71-mqdf
vulnerability_id VCID-cp8q-ar71-mqdf
summary 
Cross-Site Request Forgery (CSRF)
CakePHP mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15400
reference_id
reference_type
scores
0
value 0.00085
scoring_system epss
scoring_elements 0.2462
published_at 2026-06-09T12:55:00Z
1
value 0.00085
scoring_system epss
scoring_elements 0.24635
published_at 2026-06-04T12:55:00Z
2
value 0.00085
scoring_system epss
scoring_elements 0.24735
published_at 2026-06-05T12:55:00Z
3
value 0.00085
scoring_system epss
scoring_elements 0.24725
published_at 2026-06-06T12:55:00Z
4
value 0.00085
scoring_system epss
scoring_elements 0.24669
published_at 2026-06-07T12:55:00Z
5
value 0.00085
scoring_system epss
scoring_elements 0.24611
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15400
1
reference_url https://bakery.cakephp.org/2020/04/18/cakephp_406_released.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bakery.cakephp.org/2020/04/18/cakephp_406_released.html
2
reference_url https://bakery.cakephp.org/2022/05/08/cakephp_3103_released.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bakery.cakephp.org/2022/05/08/cakephp_3103_released.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15400
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985673
reference_id 985673
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985673
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-15400
reference_id CVE-2020-15400
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-15400
6
reference_url https://github.com/advisories/GHSA-j33j-fg2g-mcv2
reference_id GHSA-j33j-fg2g-mcv2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j33j-fg2g-mcv2
fixed_packages
0
url pkg:composer/cakephp/cakephp@3.10.3
purl pkg:composer/cakephp/cakephp@3.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.10.3
1
url pkg:composer/cakephp/cakephp@4.0.6
purl pkg:composer/cakephp/cakephp@4.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-xsdu-qsw4-ebaz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@4.0.6
aliases CVE-2020-15400, GHSA-j33j-fg2g-mcv2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cp8q-ar71-mqdf
3
url VCID-cz9h-hf83-eycy
vulnerability_id VCID-cz9h-hf83-eycy
summary 
CakePHP vulnerable to Remote File Inclusion through View template name manipulation
CakePHP 2.x prior to 2.0.99, 2.1.99, 2.2.99, 2.3.99, 2.4.99, 2.5.99, 2.6.12, and 2.7.6 and 3.x prior to 3.0.15 and 3.1.4 is vulnerable to Remote File Inclusion through View template name manipulation.
references
0
reference_url https://bakery.cakephp.org/2015/11/05/cakephp_3015_314_2612_276_released.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bakery.cakephp.org/2015/11/05/cakephp_3015_314_2612_276_released.html
1
reference_url https://github.com/cakephp/cakephp
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp
2
reference_url https://github.com/cakephp/cakephp/commit/5e60cc5d182e6131e3fbdfdf69f49d560c9ff78b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/commit/5e60cc5d182e6131e3fbdfdf69f49d560c9ff78b
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/2015-11-05.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/2015-11-05.yaml
4
reference_url https://github.com/advisories/GHSA-p76f-wr22-4rv6
reference_id GHSA-p76f-wr22-4rv6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p76f-wr22-4rv6
fixed_packages
0
url pkg:composer/cakephp/cakephp@2.6.12
purl pkg:composer/cakephp/cakephp@2.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.12
1
url pkg:composer/cakephp/cakephp@2.7.6
purl pkg:composer/cakephp/cakephp@2.7.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.6
2
url pkg:composer/cakephp/cakephp@3.0.15
purl pkg:composer/cakephp/cakephp@3.0.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-dha1-eyc9-7qff
3
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.15
3
url pkg:composer/cakephp/cakephp@3.1.4
purl pkg:composer/cakephp/cakephp@3.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-dha1-eyc9-7qff
3
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.1.4
aliases GHSA-p76f-wr22-4rv6, GMS-2023-70
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cz9h-hf83-eycy
4
url VCID-f8wn-raej-7qg4
vulnerability_id VCID-f8wn-raej-7qg4
summary 
Improper Input Validation
The `clientIp` function in CakePHP allows remote attackers to spoof their IP via the `CLIENT-IP` HTTP header.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4793
reference_id
reference_type
scores
0
value 0.08275
scoring_system epss
scoring_elements 0.92398
published_at 2026-06-05T12:55:00Z
1
value 0.08275
scoring_system epss
scoring_elements 0.92385
published_at 2026-06-04T12:55:00Z
2
value 0.08275
scoring_system epss
scoring_elements 0.92389
published_at 2026-06-08T12:55:00Z
3
value 0.08275
scoring_system epss
scoring_elements 0.92394
published_at 2026-06-06T12:55:00Z
4
value 0.08275
scoring_system epss
scoring_elements 0.92406
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4793
1
reference_url https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4793
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4793
3
reference_url https://github.com/cakephp/cakephp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp
4
reference_url https://github.com/cakephp/cakephp/commit/908754649f70bab2b1093942e17c9a46a2fcf6c2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/commit/908754649f70bab2b1093942e17c9a46a2fcf6c2
5
reference_url https://support.citrix.com/article/CTX236992
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.citrix.com/article/CTX236992
6
reference_url https://www.exploit-db.com/exploits/39813
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/39813
7
reference_url https://www.exploit-db.com/exploits/39813/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/39813/
8
reference_url http://www.securityfocus.com/bid/95846
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/95846
9
reference_url http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt
reference_id CVE-2016-4793
reference_type exploit
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt
10
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/39813.txt
reference_id CVE-2016-4793
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/39813.txt
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4793
reference_id CVE-2016-4793
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4793
12
reference_url https://github.com/advisories/GHSA-j8p3-8m69-2hqq
reference_id GHSA-j8p3-8m69-2hqq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j8p3-8m69-2hqq
fixed_packages
0
url pkg:composer/cakephp/cakephp@2.6.13
purl pkg:composer/cakephp/cakephp@2.6.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.13
1
url pkg:composer/cakephp/cakephp@2.7.11
purl pkg:composer/cakephp/cakephp@2.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.11
2
url pkg:composer/cakephp/cakephp@2.8.2
purl pkg:composer/cakephp/cakephp@2.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.8.2
3
url pkg:composer/cakephp/cakephp@3.0.17
purl pkg:composer/cakephp/cakephp@3.0.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-dha1-eyc9-7qff
3
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.17
4
url pkg:composer/cakephp/cakephp@3.1.12
purl pkg:composer/cakephp/cakephp@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cp8q-ar71-mqdf
1
vulnerability VCID-dha1-eyc9-7qff
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.1.12
5
url pkg:composer/cakephp/cakephp@3.2.5
purl pkg:composer/cakephp/cakephp@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cp8q-ar71-mqdf
1
vulnerability VCID-dha1-eyc9-7qff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.2.5
aliases CVE-2016-4793, GHSA-j8p3-8m69-2hqq
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f8wn-raej-7qg4
5
url VCID-qun9-tgkq-d7an
vulnerability_id VCID-qun9-tgkq-d7an
summary 
CakePHP allows direct access of prefixed controller actions
Unconventional URL paths would allow direct access to prefixed actions without setting the correct request parameters.
references
0
reference_url https://bakery.cakephp.org/2015/08/06/cakephp_2_5_9_2_6_10_2_7_2_released.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bakery.cakephp.org/2015/08/06/cakephp_2_5_9_2_6_10_2_7_2_released.html
1
reference_url https://github.com/cakephp/cakephp
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp
2
reference_url https://github.com/cakephp/cakephp/commit/056f24a77428ad35e23cab6840a72b7c25c4ccc0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/commit/056f24a77428ad35e23cab6840a72b7c25c4ccc0
3
reference_url https://github.com/cakephp/cakephp/releases/tag/2.5.9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/releases/tag/2.5.9
4
reference_url https://github.com/cakephp/cakephp/releases/tag/2.6.11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/releases/tag/2.6.11
5
reference_url https://github.com/cakephp/cakephp/releases/tag/2.7.2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cakephp/cakephp/releases/tag/2.7.2
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/2015-08-06.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/2015-08-06.yaml
7
reference_url https://github.com/advisories/GHSA-6hg4-vp5q-47mw
reference_id GHSA-6hg4-vp5q-47mw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6hg4-vp5q-47mw
fixed_packages
0
url pkg:composer/cakephp/cakephp@2.6.11
purl pkg:composer/cakephp/cakephp@2.6.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-f8wn-raej-7qg4
4
vulnerability VCID-s536-vx42-xbhk
5
vulnerability VCID-zbjb-pafr-uudq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.11
1
url pkg:composer/cakephp/cakephp@2.7.2
purl pkg:composer/cakephp/cakephp@2.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-f8wn-raej-7qg4
4
vulnerability VCID-s536-vx42-xbhk
5
vulnerability VCID-zbjb-pafr-uudq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.2
aliases GHSA-6hg4-vp5q-47mw, GMS-2023-67
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qun9-tgkq-d7an
6
url VCID-qzjr-cpgd-uba7
vulnerability_id VCID-qzjr-cpgd-uba7
summary 
Potential direct access to prefixed actions
Unconventional URL paths would allow direct access to prefixed actions without setting the correct request parameters. If your authorization depends on the presence of the prefix routing key you should upgrade as soon as possible.
references
0
reference_url http://bakery.cakephp.org/2015/08/06/cakephp_2_5_9_2_6_10_2_7_2_released.html
reference_id
reference_type
scores
url http://bakery.cakephp.org/2015/08/06/cakephp_2_5_9_2_6_10_2_7_2_released.html
fixed_packages
0
url pkg:composer/cakephp/cakephp@2.6.11
purl pkg:composer/cakephp/cakephp@2.6.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-f8wn-raej-7qg4
4
vulnerability VCID-s536-vx42-xbhk
5
vulnerability VCID-zbjb-pafr-uudq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.11
1
url pkg:composer/cakephp/cakephp@2.7.0-RC
purl pkg:composer/cakephp/cakephp@2.7.0-RC
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.0-RC
2
url pkg:composer/cakephp/cakephp@2.7.2
purl pkg:composer/cakephp/cakephp@2.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-f8wn-raej-7qg4
4
vulnerability VCID-s536-vx42-xbhk
5
vulnerability VCID-zbjb-pafr-uudq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.2
3
url pkg:composer/cakephp/cakephp@3.0.0-RC1
purl pkg:composer/cakephp/cakephp@3.0.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.0-RC1
aliases GMS-2015-17
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qzjr-cpgd-uba7
7
url VCID-s536-vx42-xbhk
vulnerability_id VCID-s536-vx42-xbhk
summary 
PHP Remote File Inclusion
Remote File Inclusion through View template name manipulation.
references
0
reference_url https://bakery.cakephp.org/2015/11/05/cakephp_3015_314_2612_276_released.html
reference_id
reference_type
scores
url https://bakery.cakephp.org/2015/11/05/cakephp_3015_314_2612_276_released.html
fixed_packages
0
url pkg:composer/cakephp/cakephp@2.6.12
purl pkg:composer/cakephp/cakephp@2.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.12
1
url pkg:composer/cakephp/cakephp@2.7.0-RC
purl pkg:composer/cakephp/cakephp@2.7.0-RC
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.0-RC
2
url pkg:composer/cakephp/cakephp@2.7.6
purl pkg:composer/cakephp/cakephp@2.7.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.6
3
url pkg:composer/cakephp/cakephp@3.0.0-RC1
purl pkg:composer/cakephp/cakephp@3.0.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.0-RC1
4
url pkg:composer/cakephp/cakephp@3.0.15
purl pkg:composer/cakephp/cakephp@3.0.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-dha1-eyc9-7qff
3
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.15
5
url pkg:composer/cakephp/cakephp@3.1.0-RC1
purl pkg:composer/cakephp/cakephp@3.1.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-dha1-eyc9-7qff
3
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.1.0-RC1
6
url pkg:composer/cakephp/cakephp@3.1.4
purl pkg:composer/cakephp/cakephp@3.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-dha1-eyc9-7qff
3
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.1.4
aliases GMS-2015-64
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s536-vx42-xbhk
8
url VCID-wyxz-rb2r-zfck
vulnerability_id VCID-wyxz-rb2r-zfck
summary 
Unreliable data validation
There's a flow in Validation::compare() and Validation::range() that makes possible to pass validation criteria using crafted data.
references
0
reference_url http://bakery.cakephp.org/2015/08/06/cakephp_2_5_9_2_6_10_2_7_2_released.html
reference_id
reference_type
scores
url http://bakery.cakephp.org/2015/08/06/cakephp_2_5_9_2_6_10_2_7_2_released.html
fixed_packages
0
url pkg:composer/cakephp/cakephp@2.6.11
purl pkg:composer/cakephp/cakephp@2.6.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-f8wn-raej-7qg4
4
vulnerability VCID-s536-vx42-xbhk
5
vulnerability VCID-zbjb-pafr-uudq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.11
1
url pkg:composer/cakephp/cakephp@2.7.0-RC
purl pkg:composer/cakephp/cakephp@2.7.0-RC
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.0-RC
2
url pkg:composer/cakephp/cakephp@2.7.2
purl pkg:composer/cakephp/cakephp@2.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-f8wn-raej-7qg4
4
vulnerability VCID-s536-vx42-xbhk
5
vulnerability VCID-zbjb-pafr-uudq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.2
3
url pkg:composer/cakephp/cakephp@3.0.0-RC1
purl pkg:composer/cakephp/cakephp@3.0.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.0-RC1
aliases GMS-2015-18
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wyxz-rb2r-zfck
9
url VCID-yps8-ffx6-3fay
vulnerability_id VCID-yps8-ffx6-3fay
summary 
Uncontrolled Resource Consumption
Denial of Service attack through XML payloads
references
0
reference_url https://bakery.cakephp.org/2015/05/28/cakephp_2_6_6_and_3_0_6_released.html
reference_id
reference_type
scores
url https://bakery.cakephp.org/2015/05/28/cakephp_2_6_6_and_3_0_6_released.html
fixed_packages
0
url pkg:composer/cakephp/cakephp@2.6.6
purl pkg:composer/cakephp/cakephp@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-f8wn-raej-7qg4
4
vulnerability VCID-qun9-tgkq-d7an
5
vulnerability VCID-qzjr-cpgd-uba7
6
vulnerability VCID-s536-vx42-xbhk
7
vulnerability VCID-wyxz-rb2r-zfck
8
vulnerability VCID-zbjb-pafr-uudq
9
vulnerability VCID-zfgg-dd4t-zyhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.6
1
url pkg:composer/cakephp/cakephp@3.0.0-RC1
purl pkg:composer/cakephp/cakephp@3.0.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.0-RC1
2
url pkg:composer/cakephp/cakephp@3.0.6
purl pkg:composer/cakephp/cakephp@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-dha1-eyc9-7qff
4
vulnerability VCID-f8wn-raej-7qg4
5
vulnerability VCID-s536-vx42-xbhk
6
vulnerability VCID-zbjb-pafr-uudq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.6
aliases GMS-2015-62
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yps8-ffx6-3fay
10
url VCID-zbjb-pafr-uudq
vulnerability_id VCID-zbjb-pafr-uudq
summary Unsafe view template filenames result in a Remote File Inclusion vulnerability.
references
0
reference_url http://bakery.cakephp.org/2015/11/05/cakephp_3015_314_2612_276_released.html
reference_id
reference_type
scores
url http://bakery.cakephp.org/2015/11/05/cakephp_3015_314_2612_276_released.html
fixed_packages
0
url pkg:composer/cakephp/cakephp@2.6.12
purl pkg:composer/cakephp/cakephp@2.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.12
1
url pkg:composer/cakephp/cakephp@2.7.0-RC
purl pkg:composer/cakephp/cakephp@2.7.0-RC
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.0-RC
2
url pkg:composer/cakephp/cakephp@2.7.6
purl pkg:composer/cakephp/cakephp@2.7.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.6
3
url pkg:composer/cakephp/cakephp@3.0.0-RC1
purl pkg:composer/cakephp/cakephp@3.0.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.0-RC1
4
url pkg:composer/cakephp/cakephp@3.0.15
purl pkg:composer/cakephp/cakephp@3.0.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-dha1-eyc9-7qff
3
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.15
5
url pkg:composer/cakephp/cakephp@3.1.0-RC1
purl pkg:composer/cakephp/cakephp@3.1.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-dha1-eyc9-7qff
3
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.1.0-RC1
6
url pkg:composer/cakephp/cakephp@3.1.4
purl pkg:composer/cakephp/cakephp@3.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-dha1-eyc9-7qff
3
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.1.4
aliases GMS-2015-41
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zbjb-pafr-uudq
11
url VCID-zfgg-dd4t-zyhq
vulnerability_id VCID-zfgg-dd4t-zyhq
summary 
Direct access of prefixed controller actions
Unconventional URL paths would allow direct access to prefixed actions without setting the correct request parameters. If your authorization depends on the presence of the prefix routing key you should upgrade as soon as possible.
references
0
reference_url https://bakery.cakephp.org/2015/08/06/cakephp_2_5_9_2_6_10_2_7_2_released.html
reference_id
reference_type
scores
url https://bakery.cakephp.org/2015/08/06/cakephp_2_5_9_2_6_10_2_7_2_released.html
fixed_packages
0
url pkg:composer/cakephp/cakephp@2.6.11
purl pkg:composer/cakephp/cakephp@2.6.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-f8wn-raej-7qg4
4
vulnerability VCID-s536-vx42-xbhk
5
vulnerability VCID-zbjb-pafr-uudq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.11
1
url pkg:composer/cakephp/cakephp@2.7.0-RC
purl pkg:composer/cakephp/cakephp@2.7.0-RC
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.0-RC
2
url pkg:composer/cakephp/cakephp@2.7.2
purl pkg:composer/cakephp/cakephp@2.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-cz9h-hf83-eycy
3
vulnerability VCID-f8wn-raej-7qg4
4
vulnerability VCID-s536-vx42-xbhk
5
vulnerability VCID-zbjb-pafr-uudq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.7.2
3
url pkg:composer/cakephp/cakephp@3.0.0-RC1
purl pkg:composer/cakephp/cakephp@3.0.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84hg-51gr-2qhx
1
vulnerability VCID-cp8q-ar71-mqdf
2
vulnerability VCID-f8wn-raej-7qg4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.0-RC1
aliases GMS-2015-63
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zfgg-dd4t-zyhq
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.3