{"url":"http://public2.vulnerablecode.io/api/packages/65149?format=json","purl":"pkg:composer/pimcore/customer-management-framework-bundle@3.3.10","type":"composer","namespace":"pimcore","name":"customer-management-framework-bundle","version":"3.3.10","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.4.1","latest_non_vulnerable_version":"4.0.6","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45233?format=json","vulnerability_id":"VCID-1326-rudz-6fhr","summary":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')\nSQL Injection in GitHub repository pimcore/customer-data-framework prior to 3.3.10.","references":[{"reference_url":"https://github.com/pimcore/customer-data-framework/commit/76df151737b7964ce5169fdf9e27a0ad801757fe","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pimcore/customer-data-framework/commit/76df151737b7964ce5169fdf9e27a0ad801757fe"},{"reference_url":"https://huntr.dev/bounties/cf398528-819f-456e-88e7-c06d268d3f44","reference_id":"","reference_type":"","scores":[],"url":"https://huntr.dev/bounties/cf398528-819f-456e-88e7-c06d268d3f44"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2756","reference_id":"CVE-2023-2756","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2756"},{"reference_url":"https://github.com/advisories/GHSA-25fx-3c2q-cq46","reference_id":"GHSA-25fx-3c2q-cq46","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-25fx-3c2q-cq46"},{"reference_url":"https://github.com/pimcore/customer-data-framework/security/advisories/GHSA-25fx-3c2q-cq46","reference_id":"GHSA-25fx-3c2q-cq46","reference_type":"","scores":[],"url":"https://github.com/pimcore/customer-data-framework/security/advisories/GHSA-25fx-3c2q-cq46"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/65149?format=json","purl":"pkg:composer/pimcore/customer-management-framework-bundle@3.3.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/customer-management-framework-bundle@3.3.10"}],"aliases":["CVE-2023-2756","GHSA-25fx-3c2q-cq46"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1326-rudz-6fhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45273?format=json","vulnerability_id":"VCID-dasy-56qa-auaq","summary":"Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10.","references":[{"reference_url":"https://github.com/pimcore/customer-data-framework/commit/d1d58c10313f080737dc1e71fab3beb12488a1e6","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pimcore/customer-data-framework/commit/d1d58c10313f080737dc1e71fab3beb12488a1e6"},{"reference_url":"https://huntr.dev/bounties/db6c32f4-742e-4262-8fd5-cefd0f133416","reference_id":"","reference_type":"","scores":[],"url":"https://huntr.dev/bounties/db6c32f4-742e-4262-8fd5-cefd0f133416"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2881","reference_id":"CVE-2023-2881","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2881"},{"reference_url":"https://github.com/advisories/GHSA-j65r-g7q2-f8v3","reference_id":"GHSA-j65r-g7q2-f8v3","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j65r-g7q2-f8v3"},{"reference_url":"https://github.com/pimcore/customer-data-framework/security/advisories/GHSA-j65r-g7q2-f8v3","reference_id":"GHSA-j65r-g7q2-f8v3","reference_type":"","scores":[],"url":"https://github.com/pimcore/customer-data-framework/security/advisories/GHSA-j65r-g7q2-f8v3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/65149?format=json","purl":"pkg:composer/pimcore/customer-management-framework-bundle@3.3.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/customer-management-framework-bundle@3.3.10"}],"aliases":["CVE-2023-2881","GHSA-j65r-g7q2-f8v3"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dasy-56qa-auaq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/customer-management-framework-bundle@3.3.10"}