Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/contao/contao@4.6.12
Typecomposer
Namespacecontao
Namecontao
Version4.6.12
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.13.56
Latest_non_vulnerable_version5.6.1
Affected_by_vulnerabilities
0
url VCID-3ryj-767z-87bq
vulnerability_id VCID-3ryj-767z-87bq
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37626
reference_id
reference_type
scores
0
value 0.00492
scoring_system epss
scoring_elements 0.66109
published_at 2026-06-11T12:55:00Z
1
value 0.00492
scoring_system epss
scoring_elements 0.66202
published_at 2026-06-12T12:55:00Z
2
value 0.00492
scoring_system epss
scoring_elements 0.66217
published_at 2026-06-13T12:55:00Z
3
value 0.00492
scoring_system epss
scoring_elements 0.66213
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37626
1
reference_url https://contao.org/en/security-advisories/php-file-inclusion-via-insert-tags.html
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://contao.org/en/security-advisories/php-file-inclusion-via-insert-tags.html
2
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
3
reference_url https://github.com/contao/contao/security/advisories/GHSA-r6mv-ppjc-4hgr
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao/security/advisories/GHSA-r6mv-ppjc-4hgr
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2021-37626.yaml
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2021-37626.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2021-37626.yaml
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2021-37626.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-37626
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-37626
7
reference_url https://github.com/advisories/GHSA-r6mv-ppjc-4hgr
reference_id GHSA-r6mv-ppjc-4hgr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r6mv-ppjc-4hgr
fixed_packages
0
url pkg:composer/contao/contao@4.9.18
purl pkg:composer/contao/contao@4.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9fgc-p6aq-vygh
1
vulnerability VCID-arpe-7th1-kuep
2
vulnerability VCID-bzd7-n1ak-mug7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.9.18
1
url pkg:composer/contao/contao@4.11.7
purl pkg:composer/contao/contao@4.11.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9fgc-p6aq-vygh
1
vulnerability VCID-arpe-7th1-kuep
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.11.7
aliases CVE-2021-37626, GHSA-r6mv-ppjc-4hgr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ryj-767z-87bq
1
url VCID-48eq-peme-jyh7
vulnerability_id VCID-48eq-peme-jyh7
summary Contao Insert tag injection in forms
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25768
reference_id
reference_type
scores
0
value 0.0031
scoring_system epss
scoring_elements 0.54732
published_at 2026-06-13T12:55:00Z
1
value 0.0031
scoring_system epss
scoring_elements 0.54591
published_at 2026-06-11T12:55:00Z
2
value 0.0031
scoring_system epss
scoring_elements 0.54716
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25768
1
reference_url https://community.contao.org/en/forumdisplay.php?4-Announcements
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://community.contao.org/en/forumdisplay.php?4-Announcements
2
reference_url https://contao.org/en/security-advisories/insert-tag-injection-in-forms.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://contao.org/en/security-advisories/insert-tag-injection-in-forms.html
3
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25768
reference_id CVE-2020-25768
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25768
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2020-25768.yaml
reference_id CVE-2020-25768.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2020-25768.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2020-25768.yaml
reference_id CVE-2020-25768.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2020-25768.yaml
7
reference_url https://github.com/advisories/GHSA-f7wm-x4gw-6m23
reference_id GHSA-f7wm-x4gw-6m23
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f7wm-x4gw-6m23
8
reference_url https://github.com/contao/contao/security/advisories/GHSA-f7wm-x4gw-6m23
reference_id GHSA-f7wm-x4gw-6m23
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao/security/advisories/GHSA-f7wm-x4gw-6m23
fixed_packages
0
url pkg:composer/contao/contao@4.9.6
purl pkg:composer/contao/contao@4.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ryj-767z-87bq
1
vulnerability VCID-apv4-1x4w-kkcg
2
vulnerability VCID-arpe-7th1-kuep
3
vulnerability VCID-baa6-3fxe-4udp
4
vulnerability VCID-bzd7-n1ak-mug7
5
vulnerability VCID-tsys-ek4k-z7aw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.9.6
1
url pkg:composer/contao/contao@4.10.0-RC1
purl pkg:composer/contao/contao@4.10.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9fgc-p6aq-vygh
1
vulnerability VCID-arpe-7th1-kuep
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.10.0-RC1
2
url pkg:composer/contao/contao@4.10.1
purl pkg:composer/contao/contao@4.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ryj-767z-87bq
1
vulnerability VCID-9fgc-p6aq-vygh
2
vulnerability VCID-apv4-1x4w-kkcg
3
vulnerability VCID-arpe-7th1-kuep
4
vulnerability VCID-baa6-3fxe-4udp
5
vulnerability VCID-tsys-ek4k-z7aw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.10.1
aliases CVE-2020-25768, GHSA-f7wm-x4gw-6m23
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-48eq-peme-jyh7
2
url VCID-apv4-1x4w-kkcg
vulnerability_id VCID-apv4-1x4w-kkcg
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-35955
reference_id
reference_type
scores
0
value 0.00364
scoring_system epss
scoring_elements 0.58836
published_at 2026-06-11T12:55:00Z
1
value 0.00364
scoring_system epss
scoring_elements 0.58948
published_at 2026-06-12T12:55:00Z
2
value 0.00364
scoring_system epss
scoring_elements 0.58959
published_at 2026-06-13T12:55:00Z
3
value 0.00364
scoring_system epss
scoring_elements 0.58949
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-35955
1
reference_url https://contao.org/en/news/contao-4-9-16-and-4-11-5-are-available.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://contao.org/en/news/contao-4-9-16-and-4-11-5-are-available.html
2
reference_url https://contao.org/en/security-advisories/cross-site-scripting-via-html-attributes-in-the-back-end.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://contao.org/en/security-advisories/cross-site-scripting-via-html-attributes-in-the-back-end.html
3
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
4
reference_url https://github.com/contao/contao/security/advisories/GHSA-hr3h-x6gq-rqcp
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao/security/advisories/GHSA-hr3h-x6gq-rqcp
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2021-35955.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2021-35955.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2021-35955.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2021-35955.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-35955
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-35955
8
reference_url https://github.com/advisories/GHSA-hr3h-x6gq-rqcp
reference_id GHSA-hr3h-x6gq-rqcp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hr3h-x6gq-rqcp
fixed_packages
0
url pkg:composer/contao/contao@4.9.18
purl pkg:composer/contao/contao@4.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9fgc-p6aq-vygh
1
vulnerability VCID-arpe-7th1-kuep
2
vulnerability VCID-bzd7-n1ak-mug7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.9.18
1
url pkg:composer/contao/contao@4.11.7
purl pkg:composer/contao/contao@4.11.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9fgc-p6aq-vygh
1
vulnerability VCID-arpe-7th1-kuep
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.11.7
aliases CVE-2021-35955, GHSA-hr3h-x6gq-rqcp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-apv4-1x4w-kkcg
3
url VCID-arpe-7th1-kuep
vulnerability_id VCID-arpe-7th1-kuep
summary Contao before 5.5.6 allows XSS via an SVG document. This affects (in contao/core-bundle in Composer) 4.x before 4.13.54, 5.0.x through 5.3.x before 5.3.30, and 5.4.x and 5.5..x before 5.5.6.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45965
reference_id
reference_type
scores
0
value 0.00343
scoring_system epss
scoring_elements 0.57432
published_at 2026-06-14T12:55:00Z
1
value 0.00343
scoring_system epss
scoring_elements 0.5744
published_at 2026-06-13T12:55:00Z
2
value 0.00343
scoring_system epss
scoring_elements 0.57425
published_at 2026-06-12T12:55:00Z
3
value 0.00343
scoring_system epss
scoring_elements 0.57307
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45965
1
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
2
reference_url https://grimthereaperteam.medium.com/contao-5-4-1-malicious-file-upload-xss-in-svg-30edb8820ecb
reference_id contao-5-4-1-malicious-file-upload-xss-in-svg-30edb8820ecb
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
2
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T20:29:10Z/
url https://grimthereaperteam.medium.com/contao-5-4-1-malicious-file-upload-xss-in-svg-30edb8820ecb
3
reference_url https://contao.org/en/security-advisories/cross-site-scripting-through-svg-uploads
reference_id cross-site-scripting-through-svg-uploads
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
2
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T20:29:10Z/
url https://contao.org/en/security-advisories/cross-site-scripting-through-svg-uploads
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-45965
reference_id CVE-2024-45965
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-45965
5
reference_url https://github.com/advisories/GHSA-mrw8-5368-phm3
reference_id GHSA-mrw8-5368-phm3
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mrw8-5368-phm3
fixed_packages
0
url pkg:composer/contao/contao@5.4.2
purl pkg:composer/contao/contao@5.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4s26-ndpg-jkcy
1
vulnerability VCID-9fgc-p6aq-vygh
2
vulnerability VCID-bmg9-saw6-efhd
3
vulnerability VCID-w65y-66s4-qbgy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@5.4.2
aliases CVE-2024-45965, GHSA-mrw8-5368-phm3
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-arpe-7th1-kuep
4
url VCID-baa6-3fxe-4udp
vulnerability_id VCID-baa6-3fxe-4udp
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37627
reference_id
reference_type
scores
0
value 0.00485
scoring_system epss
scoring_elements 0.65807
published_at 2026-06-11T12:55:00Z
1
value 0.00485
scoring_system epss
scoring_elements 0.65903
published_at 2026-06-12T12:55:00Z
2
value 0.00485
scoring_system epss
scoring_elements 0.65916
published_at 2026-06-13T12:55:00Z
3
value 0.00485
scoring_system epss
scoring_elements 0.65912
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37627
1
reference_url https://contao.org/en/security-advisories/privilege-escalation-with-the-form-generator.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://contao.org/en/security-advisories/privilege-escalation-with-the-form-generator.html
2
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
3
reference_url https://github.com/contao/contao/security/advisories/GHSA-hq5m-mqmx-fw6m
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao/security/advisories/GHSA-hq5m-mqmx-fw6m
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2021-37627.yaml
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2021-37627.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2021-37627.yaml
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2021-37627.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-37627
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-37627
7
reference_url https://github.com/advisories/GHSA-hq5m-mqmx-fw6m
reference_id GHSA-hq5m-mqmx-fw6m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hq5m-mqmx-fw6m
fixed_packages
0
url pkg:composer/contao/contao@4.9.18
purl pkg:composer/contao/contao@4.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9fgc-p6aq-vygh
1
vulnerability VCID-arpe-7th1-kuep
2
vulnerability VCID-bzd7-n1ak-mug7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.9.18
1
url pkg:composer/contao/contao@4.11.7
purl pkg:composer/contao/contao@4.11.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9fgc-p6aq-vygh
1
vulnerability VCID-arpe-7th1-kuep
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.11.7
aliases CVE-2021-37627, GHSA-hq5m-mqmx-fw6m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-baa6-3fxe-4udp
5
url VCID-cyty-bpmd-xyc3
vulnerability_id VCID-cyty-bpmd-xyc3
summary Unrestricted file uploads in Contao
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19745
reference_id
reference_type
scores
0
value 0.00452
scoring_system epss
scoring_elements 0.64287
published_at 2026-06-14T12:55:00Z
1
value 0.00452
scoring_system epss
scoring_elements 0.64174
published_at 2026-06-11T12:55:00Z
2
value 0.00452
scoring_system epss
scoring_elements 0.6429
published_at 2026-06-13T12:55:00Z
3
value 0.00452
scoring_system epss
scoring_elements 0.64277
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19745
1
reference_url https://contao.org/en/news.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://contao.org/en/news.html
2
reference_url https://contao.org/en/security-advisories/unrestricted-file-uploads.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://contao.org/en/security-advisories/unrestricted-file-uploads.html
3
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19745
reference_id CVE-2019-19745
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19745
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2019-19745.yaml
reference_id CVE-2019-19745.YAML
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2019-19745.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2019-19745.yaml
reference_id CVE-2019-19745.YAML
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2019-19745.yaml
7
reference_url https://github.com/advisories/GHSA-wjx8-cgrm-hh8p
reference_id GHSA-wjx8-cgrm-hh8p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wjx8-cgrm-hh8p
8
reference_url https://github.com/contao/contao/security/advisories/GHSA-wjx8-cgrm-hh8p
reference_id GHSA-wjx8-cgrm-hh8p
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao/security/advisories/GHSA-wjx8-cgrm-hh8p
fixed_packages
0
url pkg:composer/contao/contao@4.8.6
purl pkg:composer/contao/contao@4.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ryj-767z-87bq
1
vulnerability VCID-48eq-peme-jyh7
2
vulnerability VCID-apv4-1x4w-kkcg
3
vulnerability VCID-arpe-7th1-kuep
4
vulnerability VCID-baa6-3fxe-4udp
5
vulnerability VCID-tsys-ek4k-z7aw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.8.6
aliases CVE-2019-19745, GHSA-wjx8-cgrm-hh8p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cyty-bpmd-xyc3
6
url VCID-dgnu-4z5a-1bf7
vulnerability_id VCID-dgnu-4z5a-1bf7
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11512
reference_id
reference_type
scores
0
value 0.00307
scoring_system epss
scoring_elements 0.54322
published_at 2026-06-11T12:55:00Z
1
value 0.00307
scoring_system epss
scoring_elements 0.54449
published_at 2026-06-12T12:55:00Z
2
value 0.00307
scoring_system epss
scoring_elements 0.54464
published_at 2026-06-13T12:55:00Z
3
value 0.00307
scoring_system epss
scoring_elements 0.5445
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11512
1
reference_url https://contao.org/en/news/security-vulnerability-cve-2019-11512.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://contao.org/en/news/security-vulnerability-cve-2019-11512.html
2
reference_url https://github.com/contao/contao/commit/87d92f823b08b91a0aeb522284537c8afcdb8aba
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao/commit/87d92f823b08b91a0aeb522284537c8afcdb8aba
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2019-11512.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2019-11512.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2019-11512.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2019-11512.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11512
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11512
6
reference_url https://github.com/advisories/GHSA-vq59-x6mq-4wgw
reference_id GHSA-vq59-x6mq-4wgw
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vq59-x6mq-4wgw
fixed_packages
0
url pkg:composer/contao/contao@4.7.5
purl pkg:composer/contao/contao@4.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ryj-767z-87bq
1
vulnerability VCID-48eq-peme-jyh7
2
vulnerability VCID-apv4-1x4w-kkcg
3
vulnerability VCID-arpe-7th1-kuep
4
vulnerability VCID-baa6-3fxe-4udp
5
vulnerability VCID-cyty-bpmd-xyc3
6
vulnerability VCID-p4zh-cenk-rkff
7
vulnerability VCID-tsys-ek4k-z7aw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.7.5
aliases CVE-2019-11512, GHSA-vq59-x6mq-4wgw
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgnu-4z5a-1bf7
7
url VCID-p4zh-cenk-rkff
vulnerability_id VCID-p4zh-cenk-rkff
summary Information disclosure in the Contao backend
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19712
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.3266
published_at 2026-06-14T12:55:00Z
1
value 0.00133
scoring_system epss
scoring_elements 0.32481
published_at 2026-06-11T12:55:00Z
2
value 0.00133
scoring_system epss
scoring_elements 0.32683
published_at 2026-06-13T12:55:00Z
3
value 0.00133
scoring_system epss
scoring_elements 0.32662
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19712
1
reference_url https://contao.org/en/news.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://contao.org/en/news.html
2
reference_url https://contao.org/en/security-advisories/information-disclosure-in-the-back-end.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://contao.org/en/security-advisories/information-disclosure-in-the-back-end.html
3
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19712
reference_id CVE-2019-19712
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19712
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2019-19712.yaml
reference_id CVE-2019-19712.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2019-19712.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2019-19712.yaml
reference_id CVE-2019-19712.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2019-19712.yaml
7
reference_url https://github.com/advisories/GHSA-4mvc-qc5w-v5qr
reference_id GHSA-4mvc-qc5w-v5qr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4mvc-qc5w-v5qr
8
reference_url https://github.com/contao/contao/security/advisories/GHSA-4mvc-qc5w-v5qr
reference_id GHSA-4mvc-qc5w-v5qr
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao/security/advisories/GHSA-4mvc-qc5w-v5qr
fixed_packages
0
url pkg:composer/contao/contao@4.8.6
purl pkg:composer/contao/contao@4.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ryj-767z-87bq
1
vulnerability VCID-48eq-peme-jyh7
2
vulnerability VCID-apv4-1x4w-kkcg
3
vulnerability VCID-arpe-7th1-kuep
4
vulnerability VCID-baa6-3fxe-4udp
5
vulnerability VCID-tsys-ek4k-z7aw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.8.6
aliases CVE-2019-19712, GHSA-4mvc-qc5w-v5qr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4zh-cenk-rkff
8
url VCID-tsys-ek4k-z7aw
vulnerability_id VCID-tsys-ek4k-z7aw
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-35210
reference_id
reference_type
scores
0
value 0.00371
scoring_system epss
scoring_elements 0.5933
published_at 2026-06-11T12:55:00Z
1
value 0.00371
scoring_system epss
scoring_elements 0.5944
published_at 2026-06-12T12:55:00Z
2
value 0.00371
scoring_system epss
scoring_elements 0.59452
published_at 2026-06-13T12:55:00Z
3
value 0.00371
scoring_system epss
scoring_elements 0.59443
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-35210
1
reference_url https://contao.org/en/security-advisories/cross-site-scripting-in-the-system-log-2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://contao.org/en/security-advisories/cross-site-scripting-in-the-system-log-2021.html
2
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
3
reference_url https://github.com/contao/contao/security/advisories/GHSA-h58v-c6rf-g9f7
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao/security/advisories/GHSA-h58v-c6rf-g9f7
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2021-35210.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2021-35210.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2021-35210.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2021-35210.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-35210
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-35210
7
reference_url https://github.com/advisories/GHSA-h58v-c6rf-g9f7
reference_id GHSA-h58v-c6rf-g9f7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h58v-c6rf-g9f7
fixed_packages
0
url pkg:composer/contao/contao@4.9.16
purl pkg:composer/contao/contao@4.9.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ryj-767z-87bq
1
vulnerability VCID-9fgc-p6aq-vygh
2
vulnerability VCID-apv4-1x4w-kkcg
3
vulnerability VCID-arpe-7th1-kuep
4
vulnerability VCID-baa6-3fxe-4udp
5
vulnerability VCID-bzd7-n1ak-mug7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.9.16
1
url pkg:composer/contao/contao@4.11.5
purl pkg:composer/contao/contao@4.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ryj-767z-87bq
1
vulnerability VCID-9fgc-p6aq-vygh
2
vulnerability VCID-apv4-1x4w-kkcg
3
vulnerability VCID-arpe-7th1-kuep
4
vulnerability VCID-baa6-3fxe-4udp
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.11.5
aliases CVE-2021-35210, GHSA-h58v-c6rf-g9f7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tsys-ek4k-z7aw
9
url VCID-y4v8-uegv-t3fm
vulnerability_id VCID-y4v8-uegv-t3fm
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10641
reference_id
reference_type
scores
0
value 0.00266
scoring_system epss
scoring_elements 0.50397
published_at 2026-06-11T12:55:00Z
1
value 0.00266
scoring_system epss
scoring_elements 0.50529
published_at 2026-06-12T12:55:00Z
2
value 0.00266
scoring_system epss
scoring_elements 0.50547
published_at 2026-06-13T12:55:00Z
3
value 0.00266
scoring_system epss
scoring_elements 0.50535
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10641
1
reference_url https://contao.org/en/news/security-vulnerability-cve-2019-10641.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://contao.org/en/news/security-vulnerability-cve-2019-10641.html
2
reference_url https://github.com/contao/contao/commit/74c7dfafa0dfa5363a9463b486522d5d526e28fe
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao/commit/74c7dfafa0dfa5363a9463b486522d5d526e28fe
3
reference_url https://github.com/contao/contao/commit/b92e27bc7c9e59226077937f840c74ffd0f672e8
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao/commit/b92e27bc7c9e59226077937f840c74ffd0f672e8
4
reference_url https://github.com/contao/core/commit/119a1b5bd9e62d27ca2838727084d04f3b7fcd32
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/contao/core/commit/119a1b5bd9e62d27ca2838727084d04f3b7fcd32
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2019-10641.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2019-10641.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2019-10641.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2019-10641.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core/CVE-2019-10641.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core/CVE-2019-10641.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10641
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10641
9
reference_url https://github.com/advisories/GHSA-vcgg-hp4r-87gx
reference_id GHSA-vcgg-hp4r-87gx
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vcgg-hp4r-87gx
fixed_packages
0
url pkg:composer/contao/contao@4.7.3
purl pkg:composer/contao/contao@4.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ryj-767z-87bq
1
vulnerability VCID-48eq-peme-jyh7
2
vulnerability VCID-apv4-1x4w-kkcg
3
vulnerability VCID-arpe-7th1-kuep
4
vulnerability VCID-baa6-3fxe-4udp
5
vulnerability VCID-cyty-bpmd-xyc3
6
vulnerability VCID-dgnu-4z5a-1bf7
7
vulnerability VCID-p4zh-cenk-rkff
8
vulnerability VCID-tsys-ek4k-z7aw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.7.3
aliases CVE-2019-10641, GHSA-vcgg-hp4r-87gx
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y4v8-uegv-t3fm
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@4.6.12