Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:composer/contao/core@3.3.7

Type composer

Namespace contao

Name core

Version 3.3.7

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-n85r-h4ck-8yb4

vulnerability_id

VCID-n85r-h4ck-8yb4

summary

references

reference_url	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16558
reference_id
reference_type
scores
url	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16558

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-16558

reference_id

reference_type

scores

value	0.00288
scoring_system	epss
scoring_elements	0.52587
published_at	2026-06-11T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52715
published_at	2026-06-12T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.5273
published_at	2026-06-13T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52712
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16558

reference_url

https://contao.org/de/changelog/versions/4.4.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://contao.org/de/changelog/versions/4.4.html

reference_url

https://contao.org/en/news/contao-4_4_8.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://contao.org/en/news/contao-4_4_8.html

reference_url

https://github.com/contao/contao/blob/4.4.57/CHANGELOG.md#448-2017-11-15

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/contao/contao/blob/4.4.57/CHANGELOG.md#448-2017-11-15

reference_url

https://github.com/contao/contao/commit/501cb3cd34d61089b94e7ed78da53977bc71fc3e

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/contao/contao/commit/501cb3cd34d61089b94e7ed78da53977bc71fc3e

reference_url

https://github.com/contao/contao/commit/6b4a2711edf166c85cfd7a53fed6aea56d4f0544

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/contao/contao/commit/6b4a2711edf166c85cfd7a53fed6aea56d4f0544

reference_url	https://github.com/contao/core-bundle/commit/92598f97b513e0b831dbfd68d471c44c79c425a4
reference_id
reference_type
scores
url	https://github.com/contao/core-bundle/commit/92598f97b513e0b831dbfd68d471c44c79c425a4

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2017-16558.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2017-16558.yaml

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2017-16558.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2017-16558.yaml

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/listing-bundle/CVE-2017-16558.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/listing-bundle/CVE-2017-16558.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-16558

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-16558

reference_url

https://github.com/advisories/GHSA-w38g-hj45-mjjp

reference_id

GHSA-w38g-hj45-mjjp

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w38g-hj45-mjjp

fixed_packages

aliases

CVE-2017-16558, GHSA-w38g-hj45-mjjp

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-n85r-h4ck-8yb4

url VCID-y4v8-uegv-t3fm

vulnerability_id VCID-y4v8-uegv-t3fm

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10641

reference_id

reference_type

scores

value	0.00266
scoring_system	epss
scoring_elements	0.50397
published_at	2026-06-11T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50529
published_at	2026-06-12T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50547
published_at	2026-06-13T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50535
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10641

reference_url

https://contao.org/en/news/security-vulnerability-cve-2019-10641.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://contao.org/en/news/security-vulnerability-cve-2019-10641.html

reference_url

https://github.com/contao/contao/commit/74c7dfafa0dfa5363a9463b486522d5d526e28fe

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/contao/contao/commit/74c7dfafa0dfa5363a9463b486522d5d526e28fe

reference_url

https://github.com/contao/contao/commit/b92e27bc7c9e59226077937f840c74ffd0f672e8

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/contao/contao/commit/b92e27bc7c9e59226077937f840c74ffd0f672e8

reference_url

https://github.com/contao/core/commit/119a1b5bd9e62d27ca2838727084d04f3b7fcd32

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/contao/core/commit/119a1b5bd9e62d27ca2838727084d04f3b7fcd32

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2019-10641.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2019-10641.yaml

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2019-10641.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2019-10641.yaml

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core/CVE-2019-10641.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core/CVE-2019-10641.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10641

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10641

reference_url

https://github.com/advisories/GHSA-vcgg-hp4r-87gx

reference_id

GHSA-vcgg-hp4r-87gx

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vcgg-hp4r-87gx

fixed_packages

url pkg:composer/contao/core@3.5.39

purl pkg:composer/contao/core@3.5.39

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-n85r-h4ck-8yb4

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/core@3.5.39

aliases CVE-2019-10641, GHSA-vcgg-hp4r-87gx

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y4v8-uegv-t3fm

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/core@3.3.7

Package Instance