Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/in2code/femanager@7.2.2
Typecomposer
Namespacein2code
Namefemanager
Version7.2.2
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version7.2.3
Latest_non_vulnerable_version7.2.3
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-mp37-6ntu-zkbt
vulnerability_id VCID-mp37-6ntu-zkbt
summary 
TYPO3 extension femanager Broken Access Control vulnerability
femanager fails to check access permissions for the invitation component. Depending on the configuration of the plugin, a remote user can create frontend user accounts with access to configured frontend groups.
references
0
reference_url https://github.com/in2code-de/femanager/commit/cc5f2893613a6b3fd2677c457574ab587a0862ca
reference_id
reference_type
scores
url https://github.com/in2code-de/femanager/commit/cc5f2893613a6b3fd2677c457574ab587a0862ca
1
reference_url https://github.com/in2code-de/femanager/releases/tag/7.2.2
reference_id
reference_type
scores
url https://github.com/in2code-de/femanager/releases/tag/7.2.2
2
reference_url https://typo3.org/security/advisory/typo3-ext-sa-2023-008
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-ext-sa-2023-008
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/in2code/femanager/CVE-2023-45023.yaml
reference_id CVE-2023-45023.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/in2code/femanager/CVE-2023-45023.yaml
4
reference_url https://github.com/advisories/GHSA-93j4-v838-8767
reference_id GHSA-93j4-v838-8767
reference_type
scores
url https://github.com/advisories/GHSA-93j4-v838-8767
fixed_packages
0
url pkg:composer/in2code/femanager@7.2.2
purl pkg:composer/in2code/femanager@7.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/in2code/femanager@7.2.2
aliases CVE-2023-45023, GHSA-93j4-v838-8767
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mp37-6ntu-zkbt
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/in2code/femanager@7.2.2