Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/symfony/web-profiler-bundle@2.3.19
Typecomposer
Namespacesymfony
Nameweb-profiler-bundle
Version2.3.19
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.4.9
Latest_non_vulnerable_version2.5.5
Affected_by_vulnerabilities
0
url VCID-6z5x-uwjt-uueq
vulnerability_id VCID-6z5x-uwjt-uueq
summary 
Cross-Site Request Forgery (CSRF)Cross-Site Request Forgery (CSRF)
CSRF vulnerability in the Web Profiler.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2014-6072.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2014-6072.yaml
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/web-profiler-bundle/CVE-2014-6072.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/web-profiler-bundle/CVE-2014-6072.yaml
2
reference_url https://github.com/symfony/symfony/commit/f38536ab79058f6a934426c41170256ba9623a02
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/f38536ab79058f6a934426c41170256ba9623a02
3
reference_url https://github.com/symfony/symfony/pull/11832
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/pull/11832
4
reference_url https://github.com/symfony/web-profiler-bundle/commit/5b589ba83faf7eb20cec50725cd657075aebdd36
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/web-profiler-bundle/commit/5b589ba83faf7eb20cec50725cd657075aebdd36
5
reference_url https://symfony.com/cve-2014-6072
reference_id CVE-2014-6072
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2014-6072
6
reference_url https://github.com/advisories/GHSA-v35g-4rrw-h4fw
reference_id GHSA-v35g-4rrw-h4fw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v35g-4rrw-h4fw
fixed_packages
0
url pkg:composer/symfony/web-profiler-bundle@2.4.9
purl pkg:composer/symfony/web-profiler-bundle@2.4.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/web-profiler-bundle@2.4.9
1
url pkg:composer/symfony/web-profiler-bundle@2.5.0-BETA1
purl pkg:composer/symfony/web-profiler-bundle@2.5.0-BETA1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/web-profiler-bundle@2.5.0-BETA1
2
url pkg:composer/symfony/web-profiler-bundle@2.5.4
purl pkg:composer/symfony/web-profiler-bundle@2.5.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/web-profiler-bundle@2.5.4
3
url pkg:composer/symfony/web-profiler-bundle@2.5.5
purl pkg:composer/symfony/web-profiler-bundle@2.5.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/web-profiler-bundle@2.5.5
aliases CVE-2014-6072, GHSA-v35g-4rrw-h4fw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6z5x-uwjt-uueq
Fixing_vulnerabilities
0
url VCID-6z5x-uwjt-uueq
vulnerability_id VCID-6z5x-uwjt-uueq
summary 
Cross-Site Request Forgery (CSRF)Cross-Site Request Forgery (CSRF)
CSRF vulnerability in the Web Profiler.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2014-6072.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2014-6072.yaml
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/web-profiler-bundle/CVE-2014-6072.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/web-profiler-bundle/CVE-2014-6072.yaml
2
reference_url https://github.com/symfony/symfony/commit/f38536ab79058f6a934426c41170256ba9623a02
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/f38536ab79058f6a934426c41170256ba9623a02
3
reference_url https://github.com/symfony/symfony/pull/11832
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/pull/11832
4
reference_url https://github.com/symfony/web-profiler-bundle/commit/5b589ba83faf7eb20cec50725cd657075aebdd36
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/web-profiler-bundle/commit/5b589ba83faf7eb20cec50725cd657075aebdd36
5
reference_url https://symfony.com/cve-2014-6072
reference_id CVE-2014-6072
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2014-6072
6
reference_url https://github.com/advisories/GHSA-v35g-4rrw-h4fw
reference_id GHSA-v35g-4rrw-h4fw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v35g-4rrw-h4fw
fixed_packages
0
url pkg:composer/symfony/web-profiler-bundle@2.3.19
purl pkg:composer/symfony/web-profiler-bundle@2.3.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6z5x-uwjt-uueq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/web-profiler-bundle@2.3.19
1
url pkg:composer/symfony/web-profiler-bundle@2.4.9
purl pkg:composer/symfony/web-profiler-bundle@2.4.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/web-profiler-bundle@2.4.9
2
url pkg:composer/symfony/web-profiler-bundle@2.5.0-BETA1
purl pkg:composer/symfony/web-profiler-bundle@2.5.0-BETA1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/web-profiler-bundle@2.5.0-BETA1
3
url pkg:composer/symfony/web-profiler-bundle@2.5.4
purl pkg:composer/symfony/web-profiler-bundle@2.5.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/web-profiler-bundle@2.5.4
4
url pkg:composer/symfony/web-profiler-bundle@2.5.5
purl pkg:composer/symfony/web-profiler-bundle@2.5.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/web-profiler-bundle@2.5.5
aliases CVE-2014-6072, GHSA-v35g-4rrw-h4fw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6z5x-uwjt-uueq
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/symfony/web-profiler-bundle@2.3.19