Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/silverstripe/admin@1.6.0
Typecomposer
Namespacesilverstripe
Nameadmin
Version1.6.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.13.19
Latest_non_vulnerable_version2.3.0-rc1
Affected_by_vulnerabilities
0
url VCID-2uwy-4sfn-cucf
vulnerability_id VCID-2uwy-4sfn-cucf
summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in silverstripe/admin.
references
0
reference_url https://github.com/silverstripe/silverstripe-admin
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-admin
1
reference_url https://github.com/silverstripe/silverstripe-admin/commit/cafc1c4de58f1553b019dc2f8a62f835cabdbeb2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-admin/commit/cafc1c4de58f1553b019dc2f8a62f835cabdbeb2
2
reference_url https://github.com/advisories/GHSA-4q66-g4mm-8rg5
reference_id GHSA-4q66-g4mm-8rg5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4q66-g4mm-8rg5
3
reference_url https://github.com/silverstripe/silverstripe-admin/security/advisories/GHSA-4q66-g4mm-8rg5
reference_id GHSA-4q66-g4mm-8rg5
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-admin/security/advisories/GHSA-4q66-g4mm-8rg5
4
reference_url https://github.com/advisories/GHSA-5h9g-x5rv-25wg
reference_id GHSA-5h9g-x5rv-25wg
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5h9g-x5rv-25wg
5
reference_url https://github.com/advisories/GHSA-w7jx-j77m-wp65
reference_id GHSA-w7jx-j77m-wp65
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-w7jx-j77m-wp65
fixed_packages
0
url pkg:composer/silverstripe/admin@1.13.6
purl pkg:composer/silverstripe/admin@1.13.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fdbu-af5y-abgd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/admin@1.13.6
aliases GHSA-4q66-g4mm-8rg5, GMS-2023-1800
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2uwy-4sfn-cucf
1
url VCID-d74p-k543-6yhb
vulnerability_id VCID-d74p-k543-6yhb
summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in silverstripe/admin.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/SS-2023-001.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/SS-2023-001.yaml
1
reference_url https://github.com/silverstripe/silverstripe-admin
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-admin
2
reference_url https://www.silverstripe.org/download/security-releases/ss-2023-001
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2023-001
3
reference_url https://www.tiny.cloud/docs/release-notes/release-notes54/#securityfixes
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tiny.cloud/docs/release-notes/release-notes54/#securityfixes
4
reference_url https://github.com/advisories/GHSA-vrv8-v4w8-f95h
reference_id GHSA-vrv8-v4w8-f95h
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vrv8-v4w8-f95h
5
reference_url https://github.com/advisories/GHSA-wqm8-jx8r-8rcq
reference_id GHSA-wqm8-jx8r-8rcq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wqm8-jx8r-8rcq
6
reference_url https://github.com/silverstripe/silverstripe-admin/security/advisories/GHSA-wqm8-jx8r-8rcq
reference_id GHSA-wqm8-jx8r-8rcq
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-admin/security/advisories/GHSA-wqm8-jx8r-8rcq
fixed_packages
0
url pkg:composer/silverstripe/admin@1.12.7
purl pkg:composer/silverstripe/admin@1.12.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uwy-4sfn-cucf
1
vulnerability VCID-fdbu-af5y-abgd
2
vulnerability VCID-fnnq-393g-cua7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/admin@1.12.7
aliases GHSA-wqm8-jx8r-8rcq, GMS-2023-1193
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d74p-k543-6yhb
2
url VCID-fdbu-af5y-abgd
vulnerability_id VCID-fdbu-af5y-abgd
summary 
Incorrect Authorization
Silverstripe Admin provides a basic management interface for the Silverstripe Framework. In versions on the 1.x branch prior to 1.13.19 and on the 2.x branch prior to 2.1.8, users who don't have edit or delete permissions for records exposed in a `ModelAdmin` can still edit or delete records using the CSV import form, provided they have create permissions. The likelihood of a user having create permissions but not having edit or delete permissions is low, but it is possible. Note that this does not affect any `ModelAdmin` which has had the import form disabled via the `showImportForm` public property. Versions 1.13.19 and 2.1.8 contain a patch for the issue. Those who have a custom implementation of `BulkLoader` should update their implementations to respect permissions when the return value of `getCheckPermissions()` is true. Those who use any `BulkLoader` in their own project logic, or maintain a module which uses it, should consider passing `true` to `setCheckPermissions()` if the data is provided by users.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-49783
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.34704
published_at 2026-06-07T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.34692
published_at 2026-06-09T12:55:00Z
2
value 0.00146
scoring_system epss
scoring_elements 0.3467
published_at 2026-06-08T12:55:00Z
3
value 0.00146
scoring_system epss
scoring_elements 0.3474
published_at 2026-06-06T12:55:00Z
4
value 0.00146
scoring_system epss
scoring_elements 0.34724
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-49783
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2023-49783.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2023-49783.yaml
2
reference_url https://github.com/silverstripeltd/product-issues/issues/832
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripeltd/product-issues/issues/832
3
reference_url https://github.com/silverstripe-security/security-issues/issues/177
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe-security/security-issues/issues/177
4
reference_url https://github.com/silverstripe/silverstripe-admin
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-admin
5
reference_url https://github.com/silverstripe/silverstripe-admin/commit/9693130a0a637cdf512277cf5f07e83250b191db
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-admin/commit/9693130a0a637cdf512277cf5f07e83250b191db
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-49783
reference_id CVE-2023-49783
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-49783
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2023-49783
reference_id CVE-2023-49783
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T21:29:24Z/
url https://www.silverstripe.org/download/security-releases/CVE-2023-49783
8
reference_url https://github.com/advisories/GHSA-j3m6-gvm8-mhvw
reference_id GHSA-j3m6-gvm8-mhvw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j3m6-gvm8-mhvw
9
reference_url https://github.com/silverstripe/silverstripe-admin/security/advisories/GHSA-j3m6-gvm8-mhvw
reference_id GHSA-j3m6-gvm8-mhvw
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T21:29:24Z/
url https://github.com/silverstripe/silverstripe-admin/security/advisories/GHSA-j3m6-gvm8-mhvw
fixed_packages
0
url pkg:composer/silverstripe/admin@1.13.19
purl pkg:composer/silverstripe/admin@1.13.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/admin@1.13.19
1
url pkg:composer/silverstripe/admin@2.0.0-alpha1
purl pkg:composer/silverstripe/admin@2.0.0-alpha1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/admin@2.0.0-alpha1
2
url pkg:composer/silverstripe/admin@2.1.8
purl pkg:composer/silverstripe/admin@2.1.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/admin@2.1.8
3
url pkg:composer/silverstripe/admin@2.3.0-rc1
purl pkg:composer/silverstripe/admin@2.3.0-rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/admin@2.3.0-rc1
aliases CVE-2023-49783, GHSA-j3m6-gvm8-mhvw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fdbu-af5y-abgd
3
url VCID-fnnq-393g-cua7
vulnerability_id VCID-fnnq-393g-cua7
summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in silverstripe/admin.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/SS-2023-002.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/SS-2023-002.yaml
1
reference_url https://github.com/silverstripe/silverstripe-admin
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-admin
2
reference_url https://www.silverstripe.org/download/security-releases/SS-2023-002
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/SS-2023-002
3
reference_url https://github.com/advisories/GHSA-jxcx-3h54-qqxx
reference_id GHSA-jxcx-3h54-qqxx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jxcx-3h54-qqxx
fixed_packages
0
url pkg:composer/silverstripe/admin@1.13.6
purl pkg:composer/silverstripe/admin@1.13.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fdbu-af5y-abgd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/admin@1.13.6
aliases GHSA-jxcx-3h54-qqxx, GMS-2023-1964
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fnnq-393g-cua7
4
url VCID-mf2a-dems-hkhu
vulnerability_id VCID-mf2a-dems-hkhu
summary 
URL XSS vulnerability due to outdated jquery in CMS
Silverstripe silverstripe/framework through 4.11 allows XSS (issue 2 of 3).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-38146
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55495
published_at 2026-06-04T12:55:00Z
1
value 0.00322
scoring_system epss
scoring_elements 0.55544
published_at 2026-06-07T12:55:00Z
2
value 0.00322
scoring_system epss
scoring_elements 0.55557
published_at 2026-06-06T12:55:00Z
3
value 0.00322
scoring_system epss
scoring_elements 0.55551
published_at 2026-06-05T12:55:00Z
4
value 0.00461
scoring_system epss
scoring_elements 0.64532
published_at 2026-06-09T12:55:00Z
5
value 0.00461
scoring_system epss
scoring_elements 0.64513
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-38146
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T15:22:17Z/
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2022-38146.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2022-38146.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-38146
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-38146
4
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T15:22:17Z/
url https://www.silverstripe.org/blog/tag/release
5
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
6
reference_url https://www.silverstripe.org/download/security-releases/CVE-2022-38146
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T15:22:17Z/
url https://www.silverstripe.org/download/security-releases/CVE-2022-38146
7
reference_url https://github.com/advisories/GHSA-44xv-v98g-v79f
reference_id GHSA-44xv-v98g-v79f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-44xv-v98g-v79f
fixed_packages
0
url pkg:composer/silverstripe/admin@1.11.3
purl pkg:composer/silverstripe/admin@1.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uwy-4sfn-cucf
1
vulnerability VCID-d74p-k543-6yhb
2
vulnerability VCID-fdbu-af5y-abgd
3
vulnerability VCID-fnnq-393g-cua7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/admin@1.11.3
aliases CVE-2022-38146, GHSA-44xv-v98g-v79f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mf2a-dems-hkhu
5
url VCID-n4fk-735u-2baw
vulnerability_id VCID-n4fk-735u-2baw
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
SilverStripe Framework suffers from a XSS vulnerablity.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-36150
reference_id
reference_type
scores
0
value 0.00372
scoring_system epss
scoring_elements 0.5926
published_at 2026-06-04T12:55:00Z
1
value 0.00372
scoring_system epss
scoring_elements 0.59287
published_at 2026-06-08T12:55:00Z
2
value 0.00372
scoring_system epss
scoring_elements 0.59305
published_at 2026-06-07T12:55:00Z
3
value 0.00372
scoring_system epss
scoring_elements 0.59314
published_at 2026-06-06T12:55:00Z
4
value 0.00372
scoring_system epss
scoring_elements 0.5931
published_at 2026-06-05T12:55:00Z
5
value 0.00372
scoring_system epss
scoring_elements 0.59304
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-36150
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2021-36150.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2021-36150.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/releases
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-36150
reference_id CVE-2021-36150
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-36150
5
reference_url https://www.silverstripe.org/download/security-releases/CVE-2021-36150
reference_id CVE-2021-36150
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2021-36150
6
reference_url https://github.com/advisories/GHSA-j66h-cc96-c32q
reference_id GHSA-j66h-cc96-c32q
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j66h-cc96-c32q
fixed_packages
0
url pkg:composer/silverstripe/admin@1.8.1
purl pkg:composer/silverstripe/admin@1.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uwy-4sfn-cucf
1
vulnerability VCID-d74p-k543-6yhb
2
vulnerability VCID-fdbu-af5y-abgd
3
vulnerability VCID-fnnq-393g-cua7
4
vulnerability VCID-mf2a-dems-hkhu
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/admin@1.8.1
aliases CVE-2021-36150, GHSA-j66h-cc96-c32q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n4fk-735u-2baw
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/admin@1.6.0