Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/symfony/security@2.3.35
Typecomposer
Namespacesymfony
Namesecurity
Version2.3.35
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.3.37
Latest_non_vulnerable_version5.3.12
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-gjuz-mjah-e3bj
vulnerability_id VCID-gjuz-mjah-e3bj
summary 
Information Exposure Through Timing Discrepancy
Symfony allows remote attackers to have unspecified impact via a timing attack.
references
0
reference_url https://symfony.com/cve-2015-8125
reference_id CVE-2015-8125
reference_type
scores
url https://symfony.com/cve-2015-8125
fixed_packages
0
url pkg:composer/symfony/security@2.3.35
purl pkg:composer/symfony/security@2.3.35
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.3.35
1
url pkg:composer/symfony/security@2.6.12
purl pkg:composer/symfony/security@2.6.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.6.12
2
url pkg:composer/symfony/security@2.7.7
purl pkg:composer/symfony/security@2.7.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.7.7
aliases CVE-2015-8125
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gjuz-mjah-e3bj
1
url VCID-ty9b-xe8v-r7ag
vulnerability_id VCID-ty9b-xe8v-r7ag
summary 
Session Fixation
Session fixation vulnerability in the `Remember Me` login feature in Symfony allows remote attackers to hijack web sessions via a session id.
references
0
reference_url https://symfony.com/cve-2015-8124
reference_id CVE-2015-8124
reference_type
scores
url https://symfony.com/cve-2015-8124
fixed_packages
0
url pkg:composer/symfony/security@2.3.35
purl pkg:composer/symfony/security@2.3.35
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.3.35
1
url pkg:composer/symfony/security@2.6.12
purl pkg:composer/symfony/security@2.6.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.6.12
2
url pkg:composer/symfony/security@2.7.7
purl pkg:composer/symfony/security@2.7.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.7.7
aliases CVE-2015-8124
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ty9b-xe8v-r7ag
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.3.35