Lookup for vulnerable packages by Package URL.
| Purl | pkg:composer/neos/swiftmailer@5.4.1 |
| Type | composer |
| Namespace | neos |
| Name | swiftmailer |
| Version | 5.4.1 |
| Qualifiers | |
| Subpath | |
| Is_vulnerable | true |
| Next_non_vulnerable_version | 5.4.5 |
| Latest_non_vulnerable_version | 5.4.5 |
| Affected_by_vulnerabilities | |
| 0 | |
| url | VCID-w2z4-snqu-nkh7 |
| vulnerability_id | VCID-w2z4-snqu-nkh7 |
| summary | Flow Swift Mailer package Remote code execution. A remote code execution vulnerability has been found in the Swift Mailer library (swiftmailer/swiftmailer) recently. [See this advisory for details](http://legalhackers.com/advisories/SwiftMailer-Exploit-Remote-Code-Exec-CVE-2016-10074-Vuln.html). If you are not using the default mail() transport, this particular problem does not affect you. Upgrading is of course still recommended! |
| references | |
| fixed_packages | |
| aliases | GHSA-rq6q-hjvh-5mwh |
| risk_score | 4.5 |
| exploitability | 0.5 |
| weighted_severity | 9.0 |
| resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-w2z4-snqu-nkh7 |
| Fixing_vulnerabilities | |
| Risk_score | 4.5 |
| Resource_url | http://public2.vulnerablecode.io/packages/pkg:composer/neos/swiftmailer@5.4.1 |