Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/contao/contao@5.3.24
Typecomposer
Namespacecontao
Namecontao
Version5.3.24
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.3.38
Latest_non_vulnerable_version5.6.1
Affected_by_vulnerabilities
0
url VCID-afma-748j-uqae
vulnerability_id VCID-afma-748j-uqae
summary 
Contao can disclose sensitive information in the news module
If a news feed contains protected news archives, their news items are not filtered and become publicly available in the RSS feed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-57757
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.23256
published_at 2026-06-06T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23271
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-57757
1
reference_url https://contao.org/en/security-advisories/information-disclosure-in-the-news-module
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:45:40Z/
url https://contao.org/en/security-advisories/information-disclosure-in-the-news-module
2
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
3
reference_url https://github.com/contao/contao/commit/e75f46b11974fbf7a4652e65c19ad6ca84c59271
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:45:40Z/
url https://github.com/contao/contao/commit/e75f46b11974fbf7a4652e65c19ad6ca84c59271
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-57757
reference_id CVE-2025-57757
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-57757
5
reference_url https://github.com/advisories/GHSA-w53m-gxvg-vx7p
reference_id GHSA-w53m-gxvg-vx7p
reference_type
scores
url https://github.com/advisories/GHSA-w53m-gxvg-vx7p
6
reference_url https://github.com/contao/contao/security/advisories/GHSA-w53m-gxvg-vx7p
reference_id GHSA-w53m-gxvg-vx7p
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:45:40Z/
url https://github.com/contao/contao/security/advisories/GHSA-w53m-gxvg-vx7p
fixed_packages
0
url pkg:composer/contao/contao@5.3.38
purl pkg:composer/contao/contao@5.3.38
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@5.3.38
1
url pkg:composer/contao/contao@5.6.1
purl pkg:composer/contao/contao@5.6.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@5.6.1
aliases CVE-2025-57757, GHSA-w53m-gxvg-vx7p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-afma-748j-uqae
1
url VCID-f1az-1ejn-53f7
vulnerability_id VCID-f1az-1ejn-53f7
summary 
Contao discloses sensitive information in the front end search index
Protected content elements that are rendered as fragments are indexed and become publicly available in the front end search.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-57756
reference_id
reference_type
scores
0
value 0.00066
scoring_system epss
scoring_elements 0.20789
published_at 2026-06-06T12:55:00Z
1
value 0.00066
scoring_system epss
scoring_elements 0.20802
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-57756
1
reference_url https://contao.org/en/security-advisories/information-disclosure-in-the-front-end-search-index
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:49:20Z/
url https://contao.org/en/security-advisories/information-disclosure-in-the-front-end-search-index
2
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
3
reference_url https://github.com/contao/contao/commit/a03976c459b6f3985a28f6488b82a76ffb6c0514
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:49:20Z/
url https://github.com/contao/contao/commit/a03976c459b6f3985a28f6488b82a76ffb6c0514
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-57756
reference_id CVE-2025-57756
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-57756
5
reference_url https://github.com/advisories/GHSA-2xmj-8wmq-7475
reference_id GHSA-2xmj-8wmq-7475
reference_type
scores
url https://github.com/advisories/GHSA-2xmj-8wmq-7475
6
reference_url https://github.com/contao/contao/security/advisories/GHSA-2xmj-8wmq-7475
reference_id GHSA-2xmj-8wmq-7475
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:49:20Z/
url https://github.com/contao/contao/security/advisories/GHSA-2xmj-8wmq-7475
fixed_packages
0
url pkg:composer/contao/contao@5.3.38
purl pkg:composer/contao/contao@5.3.38
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@5.3.38
1
url pkg:composer/contao/contao@5.6.1
purl pkg:composer/contao/contao@5.6.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@5.6.1
aliases CVE-2025-57756, GHSA-2xmj-8wmq-7475
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f1az-1ejn-53f7
2
url VCID-p4tq-y4en-57ag
vulnerability_id VCID-p4tq-y4en-57ag
summary 
Contao does not properly manage privileges for page and article fields
Under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-57759
reference_id
reference_type
scores
0
value 0.00058
scoring_system epss
scoring_elements 0.18365
published_at 2026-06-06T12:55:00Z
1
value 0.00058
scoring_system epss
scoring_elements 0.18361
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-57759
1
reference_url https://contao.org/en/security-advisories/improper-privilege-management-for-page-and-article-fields
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:16:51Z/
url https://contao.org/en/security-advisories/improper-privilege-management-for-page-and-article-fields
2
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
3
reference_url https://github.com/contao/contao/commit/80ee7db12d55ad979d9b1b180f273d4e2668851f
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:16:51Z/
url https://github.com/contao/contao/commit/80ee7db12d55ad979d9b1b180f273d4e2668851f
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-57759
reference_id CVE-2025-57759
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-57759
5
reference_url https://github.com/advisories/GHSA-qqfq-7cpp-hcqj
reference_id GHSA-qqfq-7cpp-hcqj
reference_type
scores
url https://github.com/advisories/GHSA-qqfq-7cpp-hcqj
6
reference_url https://github.com/contao/contao/security/advisories/GHSA-qqfq-7cpp-hcqj
reference_id GHSA-qqfq-7cpp-hcqj
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:16:51Z/
url https://github.com/contao/contao/security/advisories/GHSA-qqfq-7cpp-hcqj
fixed_packages
0
url pkg:composer/contao/contao@5.3.38
purl pkg:composer/contao/contao@5.3.38
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@5.3.38
1
url pkg:composer/contao/contao@5.6.1
purl pkg:composer/contao/contao@5.6.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@5.6.1
aliases CVE-2025-57759, GHSA-qqfq-7cpp-hcqj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4tq-y4en-57ag
3
url VCID-ycnh-mnst-duap
vulnerability_id VCID-ycnh-mnst-duap
summary 
Contao applies improper access control in the back end voters
The table access voter in the back end doesn't check if a user is allowed to access the corresponding module.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-57758
reference_id
reference_type
scores
0
value 0.00062
scoring_system epss
scoring_elements 0.1964
published_at 2026-06-05T12:55:00Z
1
value 0.00062
scoring_system epss
scoring_elements 0.19635
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-57758
1
reference_url https://contao.org/en/security-advisories/improper-access-control-in-the-back-end-voters
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:19:56Z/
url https://contao.org/en/security-advisories/improper-access-control-in-the-back-end-voters
2
reference_url https://github.com/contao/contao
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/contao/contao
3
reference_url https://github.com/contao/contao/commit/3f05c603e1c94d34819f837f060df5d66447d0d7
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:19:56Z/
url https://github.com/contao/contao/commit/3f05c603e1c94d34819f837f060df5d66447d0d7
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-57758
reference_id CVE-2025-57758
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-57758
5
reference_url https://github.com/advisories/GHSA-7m47-r75r-cx8v
reference_id GHSA-7m47-r75r-cx8v
reference_type
scores
url https://github.com/advisories/GHSA-7m47-r75r-cx8v
6
reference_url https://github.com/contao/contao/security/advisories/GHSA-7m47-r75r-cx8v
reference_id GHSA-7m47-r75r-cx8v
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T17:19:56Z/
url https://github.com/contao/contao/security/advisories/GHSA-7m47-r75r-cx8v
fixed_packages
0
url pkg:composer/contao/contao@5.3.38
purl pkg:composer/contao/contao@5.3.38
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@5.3.38
1
url pkg:composer/contao/contao@5.6.1
purl pkg:composer/contao/contao@5.6.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@5.6.1
aliases CVE-2025-57758, GHSA-7m47-r75r-cx8v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ycnh-mnst-duap
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/contao/contao@5.3.24