Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:composer/topthink/think@5.0-rc1

Type composer

Namespace topthink

Name think

Version 5.0-rc1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-cq1k-e7p8-5qfy

vulnerability_id

VCID-cq1k-e7p8-5qfy

summary

thinkphp 6.0.0~6.0.13 and 6.1.0~6.1.1 contains a deserialization vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-45982

reference_id

reference_type

scores

value	0.04755
scoring_system	epss
scoring_elements	0.89675
published_at	2026-06-11T12:55:00Z

value	0.04755
scoring_system	epss
scoring_elements	0.8971
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-45982

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-45982

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-45982

reference_url

https://gist.github.com/Dar1in9s/aa87df679057db3bbdade360d77f8cca

reference_id

aa87df679057db3bbdade360d77f8cca

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-25T14:06:45Z/

url

https://gist.github.com/Dar1in9s/aa87df679057db3bbdade360d77f8cca

reference_url

https://github.com/advisories/GHSA-j2h2-g882-x9j2

reference_id

GHSA-j2h2-g882-x9j2

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-j2h2-g882-x9j2

fixed_packages

aliases

CVE-2022-45982, GHSA-j2h2-g882-x9j2

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-cq1k-e7p8-5qfy

url VCID-z6sn-hq5t-h3dz

vulnerability_id VCID-z6sn-hq5t-h3dz

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-17952

reference_id

reference_type

scores

value	0.02228
scoring_system	epss
scoring_elements	0.84883
published_at	2026-06-11T12:55:00Z

value	0.02228
scoring_system	epss
scoring_elements	0.84936
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-17952

reference_url

https://github.com/twothink/twothink

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/twothink/twothink

reference_url

https://github.com/twothink/twothink/issues/1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/twothink/twothink/issues/1

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-17952

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-17952

reference_url

https://github.com/advisories/GHSA-ch3r-vp46-8g22

reference_id

GHSA-ch3r-vp46-8g22

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-ch3r-vp46-8g22

fixed_packages

url pkg:composer/topthink/think@6.0.10

purl pkg:composer/topthink/think@6.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cq1k-e7p8-5qfy

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/topthink/think@6.0.10

aliases CVE-2020-17952, GHSA-ch3r-vp46-8g22

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6sn-hq5t-h3dz

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/topthink/think@5.0-rc1

Package Instance