Package Instance
Lookup for vulnerable packages by Package URL.
Purl
pkg:pypi/products.cmfplone@3.3
Type
pypi
Namespace
Name
products.cmfplone
Version
3.3
Qualifiers
Subpath
Is_vulnerable
true
Next_non_vulnerable_version
4.0.7
Latest_non_vulnerable_version
5.1.0
Affected_by_vulnerabilities
0
url
VCID-w2mv-zekv-8fcv
vulnerability_id
VCID-w2mv-zekv-8fcv
summary
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API.
references
0
reference_url
https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
url
https://github.com/plone/Products.CMFPlone
1
reference_url
https://github.com/plone/Products.CMFPlone/commit/a6a3e50f759da7e7ca46e50777a35e51f4d8ed48
reference_id
reference_type
scores
url
https://github.com/plone/Products.CMFPlone/commit/a6a3e50f759da7e7ca46e50777a35e51f4d8ed48
2
reference_url
https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-66.yaml
reference_id
reference_type
scores
url
https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-66.yaml
3
reference_url
https://github.com/pypa/advisory-database/tree/main/vulns/products-cmfplone/PYSEC-2014-68.yaml
reference_id
reference_type
scores
url
https://github.com/pypa/advisory-database/tree/main/vulns/products-cmfplone/PYSEC-2014-68.yaml
4
reference_url
https://plone.org/security/20131210/catalogue-exposure
reference_id
reference_type
scores
url
https://plone.org/security/20131210/catalogue-exposure
5
reference_url
https://pypi.org/project/Products.PloneHotfix20131210
reference_id
reference_type
scores
url
https://pypi.org/project/Products.PloneHotfix20131210
6
reference_url
http://www.openwall.com/lists/oss-security/2013/12/10/15
reference_id
reference_type
scores
url
http://www.openwall.com/lists/oss-security/2013/12/10/15
7
reference_url
http://www.openwall.com/lists/oss-security/2013/12/12/3
reference_id
reference_type
scores
url
http://www.openwall.com/lists/oss-security/2013/12/12/3
8
reference_url
https://nvd.nist.gov/vuln/detail/CVE-2013-7061
reference_id
CVE-2013-7061
reference_type
scores
url
https://nvd.nist.gov/vuln/detail/CVE-2013-7061
9
reference_url
https://github.com/advisories/GHSA-4vr8-r7qr-fpvq
reference_id
GHSA-4vr8-r7qr-fpvq
reference_type
scores
url
https://github.com/advisories/GHSA-4vr8-r7qr-fpvq
fixed_packages
0
url
pkg:pypi/products.cmfplone@4.3.3
purl
pkg:pypi/products.cmfplone@4.3.3
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/products.cmfplone@4.3.3
aliases
CVE-2013-7061, GHSA-4vr8-r7qr-fpvq, PYSEC-2014-66, PYSEC-2014-68
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-w2mv-zekv-8fcv
Fixing_vulnerabilities
Risk_score
null
Resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/products.cmfplone@3.3