Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-scrs-h12x-1ugz

Summary

Mockoon provides way to design and run mock APIs. Prior to version 9.2.0, a mock API configuration for static file serving follows the same approach presented in the documentation page, where the server filename is generated via templating features from user input is vulnerable to Path Traversal and LFI, allowing an attacker to get any file in the mock server filesystem.
The issue may be particularly relevant in cloud hosted server instances. Version 9.2.0 fixes the issue.

Aliases

alias	CVE-2025-59049

alias	GHSA-w7f9-wqc4-3wxr

Fixed_packages

url	pkg:npm/%40mockoon/cli@9.2.0
purl	pkg:npm/%40mockoon/cli@9.2.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@9.2.0

url	pkg:npm/%40mockoon/commons-server@9.2.0
purl	pkg:npm/%40mockoon/commons-server@9.2.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@9.2.0

Affected_packages

url pkg:npm/%40mockoon/cli@0.1.0-beta.0

purl pkg:npm/%40mockoon/cli@0.1.0-beta.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.0

url pkg:npm/%40mockoon/cli@0.1.0-beta.1

purl pkg:npm/%40mockoon/cli@0.1.0-beta.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.1

url pkg:npm/%40mockoon/cli@0.1.0-beta.2

purl pkg:npm/%40mockoon/cli@0.1.0-beta.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.2

url pkg:npm/%40mockoon/cli@0.1.0-beta.5

purl pkg:npm/%40mockoon/cli@0.1.0-beta.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.5

url pkg:npm/%40mockoon/cli@0.1.0-beta.6

purl pkg:npm/%40mockoon/cli@0.1.0-beta.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.6

url pkg:npm/%40mockoon/cli@0.1.0-beta.7

purl pkg:npm/%40mockoon/cli@0.1.0-beta.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.7

url pkg:npm/%40mockoon/cli@0.1.0-beta.8

purl pkg:npm/%40mockoon/cli@0.1.0-beta.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.8

url pkg:npm/%40mockoon/cli@0.1.0-beta.9

purl pkg:npm/%40mockoon/cli@0.1.0-beta.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.9

url pkg:npm/%40mockoon/cli@0.1.0-beta.10

purl pkg:npm/%40mockoon/cli@0.1.0-beta.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.10

url pkg:npm/%40mockoon/cli@0.1.0-beta.11

purl pkg:npm/%40mockoon/cli@0.1.0-beta.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.11

url pkg:npm/%40mockoon/cli@0.1.0-beta.12

purl pkg:npm/%40mockoon/cli@0.1.0-beta.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@0.1.0-beta.12

url pkg:npm/%40mockoon/cli@1.0.0

purl pkg:npm/%40mockoon/cli@1.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.0.0

url pkg:npm/%40mockoon/cli@1.0.1

purl pkg:npm/%40mockoon/cli@1.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.0.1

url pkg:npm/%40mockoon/cli@1.1.0

purl pkg:npm/%40mockoon/cli@1.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.1.0

url pkg:npm/%40mockoon/cli@1.2.0

purl pkg:npm/%40mockoon/cli@1.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.2.0

url pkg:npm/%40mockoon/cli@1.2.1

purl pkg:npm/%40mockoon/cli@1.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.2.1

url pkg:npm/%40mockoon/cli@1.3.0

purl pkg:npm/%40mockoon/cli@1.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.3.0

url pkg:npm/%40mockoon/cli@1.4.0

purl pkg:npm/%40mockoon/cli@1.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.4.0

url pkg:npm/%40mockoon/cli@1.5.0

purl pkg:npm/%40mockoon/cli@1.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.5.0

url pkg:npm/%40mockoon/cli@1.5.1

purl pkg:npm/%40mockoon/cli@1.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.5.1

url pkg:npm/%40mockoon/cli@1.6.0

purl pkg:npm/%40mockoon/cli@1.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.6.0

url pkg:npm/%40mockoon/cli@1.6.1

purl pkg:npm/%40mockoon/cli@1.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.6.1

url pkg:npm/%40mockoon/cli@1.6.2

purl pkg:npm/%40mockoon/cli@1.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@1.6.2

url pkg:npm/%40mockoon/cli@2.0.0

purl pkg:npm/%40mockoon/cli@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@2.0.0

url pkg:npm/%40mockoon/cli@2.1.0

purl pkg:npm/%40mockoon/cli@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@2.1.0

url pkg:npm/%40mockoon/cli@2.2.0

purl pkg:npm/%40mockoon/cli@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@2.2.0

url pkg:npm/%40mockoon/cli@2.2.1

purl pkg:npm/%40mockoon/cli@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@2.2.1

url pkg:npm/%40mockoon/cli@2.3.0

purl pkg:npm/%40mockoon/cli@2.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@2.3.0

url pkg:npm/%40mockoon/cli@2.4.0

purl pkg:npm/%40mockoon/cli@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@2.4.0

url pkg:npm/%40mockoon/cli@3.0.0

purl pkg:npm/%40mockoon/cli@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@3.0.0

url pkg:npm/%40mockoon/cli@3.1.0

purl pkg:npm/%40mockoon/cli@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@3.1.0

url pkg:npm/%40mockoon/cli@4.0.0

purl pkg:npm/%40mockoon/cli@4.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@4.0.0

url pkg:npm/%40mockoon/cli@4.1.0

purl pkg:npm/%40mockoon/cli@4.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@4.1.0

url pkg:npm/%40mockoon/cli@5.0.0

purl pkg:npm/%40mockoon/cli@5.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@5.0.0

url pkg:npm/%40mockoon/cli@5.1.0

purl pkg:npm/%40mockoon/cli@5.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@5.1.0

url pkg:npm/%40mockoon/cli@6.0.0

purl pkg:npm/%40mockoon/cli@6.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@6.0.0

url pkg:npm/%40mockoon/cli@6.0.1

purl pkg:npm/%40mockoon/cli@6.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@6.0.1

url pkg:npm/%40mockoon/cli@6.1.0

purl pkg:npm/%40mockoon/cli@6.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@6.1.0

url pkg:npm/%40mockoon/cli@6.2.0

purl pkg:npm/%40mockoon/cli@6.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@6.2.0

url pkg:npm/%40mockoon/cli@7.0.0

purl pkg:npm/%40mockoon/cli@7.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@7.0.0

url pkg:npm/%40mockoon/cli@8.0.0

purl pkg:npm/%40mockoon/cli@8.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@8.0.0

url pkg:npm/%40mockoon/cli@8.1.0

purl pkg:npm/%40mockoon/cli@8.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@8.1.0

url pkg:npm/%40mockoon/cli@8.1.1

purl pkg:npm/%40mockoon/cli@8.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@8.1.1

url pkg:npm/%40mockoon/cli@8.2.0

purl pkg:npm/%40mockoon/cli@8.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@8.2.0

url pkg:npm/%40mockoon/cli@8.3.0

purl pkg:npm/%40mockoon/cli@8.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@8.3.0

url pkg:npm/%40mockoon/cli@8.4.0

purl pkg:npm/%40mockoon/cli@8.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@8.4.0

url pkg:npm/%40mockoon/cli@9.0.0

purl pkg:npm/%40mockoon/cli@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@9.0.0

url pkg:npm/%40mockoon/cli@9.1.0

purl pkg:npm/%40mockoon/cli@9.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/cli@9.1.0

url pkg:npm/%40mockoon/commons-server@1.0.0

purl pkg:npm/%40mockoon/commons-server@1.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@1.0.0

url pkg:npm/%40mockoon/commons-server@1.0.1

purl pkg:npm/%40mockoon/commons-server@1.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@1.0.1

url pkg:npm/%40mockoon/commons-server@1.0.2

purl pkg:npm/%40mockoon/commons-server@1.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@1.0.2

url pkg:npm/%40mockoon/commons-server@1.0.3

purl pkg:npm/%40mockoon/commons-server@1.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@1.0.3

url pkg:npm/%40mockoon/commons-server@1.0.4

purl pkg:npm/%40mockoon/commons-server@1.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@1.0.4

url pkg:npm/%40mockoon/commons-server@1.0.5

purl pkg:npm/%40mockoon/commons-server@1.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@1.0.5

url pkg:npm/%40mockoon/commons-server@1.1.0

purl pkg:npm/%40mockoon/commons-server@1.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@1.1.0

url pkg:npm/%40mockoon/commons-server@1.1.1

purl pkg:npm/%40mockoon/commons-server@1.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@1.1.1

url pkg:npm/%40mockoon/commons-server@1.2.0

purl pkg:npm/%40mockoon/commons-server@1.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@1.2.0

url pkg:npm/%40mockoon/commons-server@1.2.1

purl pkg:npm/%40mockoon/commons-server@1.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@1.2.1

url pkg:npm/%40mockoon/commons-server@2.0.0

purl pkg:npm/%40mockoon/commons-server@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.0.0

url pkg:npm/%40mockoon/commons-server@2.1.0

purl pkg:npm/%40mockoon/commons-server@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.1.0

url pkg:npm/%40mockoon/commons-server@2.1.1

purl pkg:npm/%40mockoon/commons-server@2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.1.1

url pkg:npm/%40mockoon/commons-server@2.2.0

purl pkg:npm/%40mockoon/commons-server@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.2.0

url pkg:npm/%40mockoon/commons-server@2.2.1

purl pkg:npm/%40mockoon/commons-server@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.2.1

url pkg:npm/%40mockoon/commons-server@2.3.0

purl pkg:npm/%40mockoon/commons-server@2.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.3.0

url pkg:npm/%40mockoon/commons-server@2.3.1

purl pkg:npm/%40mockoon/commons-server@2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.3.1

url pkg:npm/%40mockoon/commons-server@2.4.0

purl pkg:npm/%40mockoon/commons-server@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.4.0

url pkg:npm/%40mockoon/commons-server@2.5.0

purl pkg:npm/%40mockoon/commons-server@2.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.5.0

url pkg:npm/%40mockoon/commons-server@2.6.0

purl pkg:npm/%40mockoon/commons-server@2.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.6.0

url pkg:npm/%40mockoon/commons-server@2.7.0

purl pkg:npm/%40mockoon/commons-server@2.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.7.0

url pkg:npm/%40mockoon/commons-server@2.8.0

purl pkg:npm/%40mockoon/commons-server@2.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.8.0

url pkg:npm/%40mockoon/commons-server@2.9.0

purl pkg:npm/%40mockoon/commons-server@2.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.9.0

url pkg:npm/%40mockoon/commons-server@2.10.0

purl pkg:npm/%40mockoon/commons-server@2.10.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.10.0

url pkg:npm/%40mockoon/commons-server@2.11.0

purl pkg:npm/%40mockoon/commons-server@2.11.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.11.0

url pkg:npm/%40mockoon/commons-server@2.11.1

purl pkg:npm/%40mockoon/commons-server@2.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.11.1

url pkg:npm/%40mockoon/commons-server@2.11.2

purl pkg:npm/%40mockoon/commons-server@2.11.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.11.2

url pkg:npm/%40mockoon/commons-server@2.12.0

purl pkg:npm/%40mockoon/commons-server@2.12.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.12.0

url pkg:npm/%40mockoon/commons-server@2.13.0

purl pkg:npm/%40mockoon/commons-server@2.13.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.13.0

url pkg:npm/%40mockoon/commons-server@2.14.0

purl pkg:npm/%40mockoon/commons-server@2.14.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.14.0

url pkg:npm/%40mockoon/commons-server@2.14.1

purl pkg:npm/%40mockoon/commons-server@2.14.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.14.1

url pkg:npm/%40mockoon/commons-server@2.15.0

purl pkg:npm/%40mockoon/commons-server@2.15.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.15.0

url pkg:npm/%40mockoon/commons-server@2.15.1

purl pkg:npm/%40mockoon/commons-server@2.15.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.15.1

url pkg:npm/%40mockoon/commons-server@2.15.2

purl pkg:npm/%40mockoon/commons-server@2.15.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.15.2

url pkg:npm/%40mockoon/commons-server@2.15.3

purl pkg:npm/%40mockoon/commons-server@2.15.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.15.3

url pkg:npm/%40mockoon/commons-server@2.15.4

purl pkg:npm/%40mockoon/commons-server@2.15.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.15.4

url pkg:npm/%40mockoon/commons-server@2.15.5

purl pkg:npm/%40mockoon/commons-server@2.15.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.15.5

url pkg:npm/%40mockoon/commons-server@2.16.0

purl pkg:npm/%40mockoon/commons-server@2.16.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.16.0

url pkg:npm/%40mockoon/commons-server@2.16.1

purl pkg:npm/%40mockoon/commons-server@2.16.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.16.1

url pkg:npm/%40mockoon/commons-server@2.16.2

purl pkg:npm/%40mockoon/commons-server@2.16.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.16.2

url pkg:npm/%40mockoon/commons-server@2.16.3

purl pkg:npm/%40mockoon/commons-server@2.16.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.16.3

url pkg:npm/%40mockoon/commons-server@2.16.4

purl pkg:npm/%40mockoon/commons-server@2.16.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@2.16.4

url pkg:npm/%40mockoon/commons-server@3.0.0

purl pkg:npm/%40mockoon/commons-server@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@3.0.0

url pkg:npm/%40mockoon/commons-server@3.1.0

purl pkg:npm/%40mockoon/commons-server@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@3.1.0

url pkg:npm/%40mockoon/commons-server@3.2.0

purl pkg:npm/%40mockoon/commons-server@3.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@3.2.0

url pkg:npm/%40mockoon/commons-server@3.2.1

purl pkg:npm/%40mockoon/commons-server@3.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@3.2.1

url pkg:npm/%40mockoon/commons-server@3.3.0

purl pkg:npm/%40mockoon/commons-server@3.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@3.3.0

url pkg:npm/%40mockoon/commons-server@3.4.0

purl pkg:npm/%40mockoon/commons-server@3.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@3.4.0

url pkg:npm/%40mockoon/commons-server@3.5.0

purl pkg:npm/%40mockoon/commons-server@3.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@3.5.0

url pkg:npm/%40mockoon/commons-server@3.6.0

purl pkg:npm/%40mockoon/commons-server@3.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@3.6.0

url pkg:npm/%40mockoon/commons-server@4.0.0

purl pkg:npm/%40mockoon/commons-server@4.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@4.0.0

url pkg:npm/%40mockoon/commons-server@4.1.0

purl pkg:npm/%40mockoon/commons-server@4.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@4.1.0

100

url pkg:npm/%40mockoon/commons-server@5.0.0

purl pkg:npm/%40mockoon/commons-server@5.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@5.0.0

101

url pkg:npm/%40mockoon/commons-server@5.1.0

purl pkg:npm/%40mockoon/commons-server@5.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@5.1.0

102

url pkg:npm/%40mockoon/commons-server@6.0.0

purl pkg:npm/%40mockoon/commons-server@6.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@6.0.0

103

url pkg:npm/%40mockoon/commons-server@6.0.1

purl pkg:npm/%40mockoon/commons-server@6.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@6.0.1

104

url pkg:npm/%40mockoon/commons-server@6.1.0

purl pkg:npm/%40mockoon/commons-server@6.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@6.1.0

105

url pkg:npm/%40mockoon/commons-server@6.2.0

purl pkg:npm/%40mockoon/commons-server@6.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@6.2.0

106

url pkg:npm/%40mockoon/commons-server@7.0.0

purl pkg:npm/%40mockoon/commons-server@7.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@7.0.0

107

url pkg:npm/%40mockoon/commons-server@8.0.0

purl pkg:npm/%40mockoon/commons-server@8.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@8.0.0

108

url pkg:npm/%40mockoon/commons-server@8.1.0

purl pkg:npm/%40mockoon/commons-server@8.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@8.1.0

109

url pkg:npm/%40mockoon/commons-server@8.1.1

purl pkg:npm/%40mockoon/commons-server@8.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@8.1.1

110

url pkg:npm/%40mockoon/commons-server@8.2.0

purl pkg:npm/%40mockoon/commons-server@8.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@8.2.0

111

url pkg:npm/%40mockoon/commons-server@8.2.1

purl pkg:npm/%40mockoon/commons-server@8.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@8.2.1

112

url pkg:npm/%40mockoon/commons-server@8.2.2

purl pkg:npm/%40mockoon/commons-server@8.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@8.2.2

113

url pkg:npm/%40mockoon/commons-server@8.3.0

purl pkg:npm/%40mockoon/commons-server@8.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@8.3.0

114

url pkg:npm/%40mockoon/commons-server@8.4.0

purl pkg:npm/%40mockoon/commons-server@8.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@8.4.0

115

url pkg:npm/%40mockoon/commons-server@8.4.1-alpha.1

purl pkg:npm/%40mockoon/commons-server@8.4.1-alpha.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@8.4.1-alpha.1

116

url pkg:npm/%40mockoon/commons-server@9.0.0

purl pkg:npm/%40mockoon/commons-server@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@9.0.0

117

url pkg:npm/%40mockoon/commons-server@9.1.0

purl pkg:npm/%40mockoon/commons-server@9.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-scrs-h12x-1ugz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mockoon/commons-server@9.1.0

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-59049

reference_id

reference_type

scores

value	0.01907
scoring_system	epss
scoring_elements	0.83734
published_at	2026-06-12T12:55:00Z

value	0.01907
scoring_system	epss
scoring_elements	0.8374
published_at	2026-06-14T12:55:00Z

value	0.01907
scoring_system	epss
scoring_elements	0.83675
published_at	2026-06-11T12:55:00Z

value	0.01907
scoring_system	epss
scoring_elements	0.83743
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-59049

reference_url

https://github.com/mockoon/mockoon

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/mockoon/mockoon

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-59049

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-59049

reference_url

https://github.com/mockoon/mockoon/commit/c7f6e23e87dc3b8cc44e5802af046200a797bd2e

reference_id

c7f6e23e87dc3b8cc44e5802af046200a797bd2e

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-10T19:18:51Z/

url

https://github.com/mockoon/mockoon/commit/c7f6e23e87dc3b8cc44e5802af046200a797bd2e

reference_url

https://github.com/advisories/GHSA-w7f9-wqc4-3wxr

reference_id

GHSA-w7f9-wqc4-3wxr

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w7f9-wqc4-3wxr

reference_url

https://github.com/mockoon/mockoon/security/advisories/GHSA-w7f9-wqc4-3wxr

reference_id

GHSA-w7f9-wqc4-3wxr

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-10T19:18:51Z/

url

https://github.com/mockoon/mockoon/security/advisories/GHSA-w7f9-wqc4-3wxr

reference_url

https://github.com/mockoon/mockoon/blob/1ed31c4059d7f757f6cb2a43e10dc81b0d9c55a9/packages/commons-server/src/libs/server/server.ts#L1400

reference_id

server.ts#L1400

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-10T19:18:51Z/

url

https://github.com/mockoon/mockoon/blob/1ed31c4059d7f757f6cb2a43e10dc81b0d9c55a9/packages/commons-server/src/libs/server/server.ts#L1400

reference_url

https://github.com/mockoon/mockoon/blob/1ed31c4059d7f757f6cb2a43e10dc81b0d9c55a9/packages/commons-server/src/libs/server/server.ts#L1551

reference_id

server.ts#L1551

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-10T19:18:51Z/

url

https://github.com/mockoon/mockoon/blob/1ed31c4059d7f757f6cb2a43e10dc81b0d9c55a9/packages/commons-server/src/libs/server/server.ts#L1551

Weaknesses

cwe_id	22
name	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
description	The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

cwe_id	24
name	Path Traversal: '../filedir'
description	The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize ../ sequences that can resolve to a location that is outside of that directory.

cwe_id	73
name	External Control of File Name or Path
description	The product allows user input to control or influence paths or file names that are used in filesystem operations.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-scrs-h12x-1ugz

Vulnerability Instance