Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/13523?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13523?format=api", "vulnerability_id": "VCID-ks7b-f17t-dfd4", "summary": "Code Injection in PHPUnit\nUtil/PHP/eval-stdin.php in PHPUnit starting with 4.8.19 and before 4.8.28, as well as 5.x before 5.6.3, allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a `<?php ` substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.", "aliases": [ { "alias": "CVE-2017-9841" }, { "alias": "GHSA-r7c9-c69m-rph8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371494?format=api", "purl": "pkg:alpm/archlinux/mediawiki@1.28.3-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/mediawiki@1.28.3-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/48271?format=api", "purl": "pkg:composer/phpunit/phpunit@4.8.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/48272?format=api", "purl": "pkg:composer/phpunit/phpunit@5.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/935281?format=api", "purl": "pkg:deb/debian/phpunit@5.4.6-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@5.4.6-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053124?format=api", "purl": "pkg:deb/debian/phpunit@7.5.6-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@7.5.6-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/935282?format=api", "purl": "pkg:deb/debian/phpunit@9.5.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@9.5.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935280?format=api", "purl": "pkg:deb/debian/phpunit@9.6.7-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@9.6.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935284?format=api", "purl": "pkg:deb/debian/phpunit@11.5.19-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@11.5.19-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935283?format=api", "purl": "pkg:deb/debian/phpunit@13.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@13.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000463?format=api", "purl": "pkg:deb/debian/phpunit@13.0.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@13.0.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1041992?format=api", "purl": "pkg:deb/debian/phpunit@13.0.6-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@13.0.6-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/78065?format=api", "purl": "pkg:ebuild/dev-php/phpunit@5.7.15-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-php/phpunit@5.7.15-r1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371493?format=api", "purl": "pkg:alpm/archlinux/mediawiki@1.28.2-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/mediawiki@1.28.2-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/48269?format=api", "purl": "pkg:composer/phpunit/phpunit@4.8.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/291167?format=api", "purl": "pkg:composer/phpunit/phpunit@4.8.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/291168?format=api", "purl": "pkg:composer/phpunit/phpunit@4.8.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/291169?format=api", "purl": "pkg:composer/phpunit/phpunit@4.8.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/291170?format=api", "purl": "pkg:composer/phpunit/phpunit@4.8.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/291171?format=api", "purl": "pkg:composer/phpunit/phpunit@4.8.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/291172?format=api", "purl": "pkg:composer/phpunit/phpunit@4.8.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/291173?format=api", "purl": "pkg:composer/phpunit/phpunit@4.8.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.26" }, { "url": "http://public2.vulnerablecode.io/api/packages/291174?format=api", "purl": "pkg:composer/phpunit/phpunit@4.8.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@4.8.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/48270?format=api", "purl": "pkg:composer/phpunit/phpunit@5.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/291175?format=api", "purl": "pkg:composer/phpunit/phpunit@5.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291176?format=api", "purl": "pkg:composer/phpunit/phpunit@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291177?format=api", "purl": "pkg:composer/phpunit/phpunit@5.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/291178?format=api", "purl": "pkg:composer/phpunit/phpunit@5.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/291179?format=api", "purl": "pkg:composer/phpunit/phpunit@5.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/291180?format=api", "purl": "pkg:composer/phpunit/phpunit@5.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/291181?format=api", "purl": "pkg:composer/phpunit/phpunit@5.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/291182?format=api", "purl": "pkg:composer/phpunit/phpunit@5.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/291183?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291184?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291185?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/291186?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/291187?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/291188?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/291189?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/291190?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/291191?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/291192?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/291193?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/291194?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/291195?format=api", "purl": "pkg:composer/phpunit/phpunit@5.2.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.2.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/291196?format=api", "purl": "pkg:composer/phpunit/phpunit@5.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291197?format=api", "purl": "pkg:composer/phpunit/phpunit@5.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291198?format=api", "purl": "pkg:composer/phpunit/phpunit@5.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/291199?format=api", "purl": "pkg:composer/phpunit/phpunit@5.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/291200?format=api", "purl": "pkg:composer/phpunit/phpunit@5.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/291201?format=api", "purl": "pkg:composer/phpunit/phpunit@5.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/291202?format=api", "purl": "pkg:composer/phpunit/phpunit@5.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291203?format=api", "purl": "pkg:composer/phpunit/phpunit@5.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291204?format=api", "purl": "pkg:composer/phpunit/phpunit@5.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/291205?format=api", "purl": "pkg:composer/phpunit/phpunit@5.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/291206?format=api", "purl": "pkg:composer/phpunit/phpunit@5.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/291207?format=api", "purl": "pkg:composer/phpunit/phpunit@5.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/291208?format=api", "purl": "pkg:composer/phpunit/phpunit@5.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/291209?format=api", "purl": "pkg:composer/phpunit/phpunit@5.4.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/291210?format=api", "purl": "pkg:composer/phpunit/phpunit@5.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/291211?format=api", "purl": "pkg:composer/phpunit/phpunit@5.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291212?format=api", "purl": "pkg:composer/phpunit/phpunit@5.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291213?format=api", "purl": "pkg:composer/phpunit/phpunit@5.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/291214?format=api", "purl": "pkg:composer/phpunit/phpunit@5.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/291215?format=api", "purl": "pkg:composer/phpunit/phpunit@5.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/291216?format=api", "purl": "pkg:composer/phpunit/phpunit@5.5.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/291217?format=api", "purl": "pkg:composer/phpunit/phpunit@5.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/291218?format=api", "purl": "pkg:composer/phpunit/phpunit@5.5.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/291219?format=api", "purl": "pkg:composer/phpunit/phpunit@5.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291220?format=api", "purl": "pkg:composer/phpunit/phpunit@5.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291221?format=api", "purl": "pkg:composer/phpunit/phpunit@5.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpunit/phpunit@5.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053116?format=api", "purl": "pkg:deb/debian/phpunit@1.1.1-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@1.1.1-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053117?format=api", "purl": "pkg:deb/debian/phpunit@1.3.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@1.3.2-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053118?format=api", "purl": "pkg:deb/debian/phpunit@3.2.16-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@3.2.16-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053119?format=api", "purl": "pkg:deb/debian/phpunit@3.4.14-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@3.4.14-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053120?format=api", "purl": "pkg:deb/debian/phpunit@3.6.10-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@3.6.10-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053121?format=api", "purl": "pkg:deb/debian/phpunit@3.7.28-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@3.7.28-1~bpo70%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053122?format=api", "purl": "pkg:deb/debian/phpunit@4.2.6-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@4.2.6-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053123?format=api", "purl": "pkg:deb/debian/phpunit@5.4.6-2~deb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bt7-kw89-v3dt" }, { "vulnerability": "VCID-ks7b-f17t-dfd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpunit@5.4.6-2~deb9u1" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.9421", "scoring_system": "epss", "scoring_elements": "0.99924", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.9421", "scoring_system": "epss", "scoring_elements": "0.99923", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.9421", "scoring_system": "epss", "scoring_elements": "0.99922", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9841" }, { "reference_url": "https://github.com/sebastianbergmann/phpunit", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sebastianbergmann/phpunit" }, { "reference_url": "https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/" } ], "url": "https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5" }, { "reference_url": "https://github.com/sebastianbergmann/phpunit/commit/3aaddb1c5bd9b9b8d070b4cf120e71c36fd08412", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sebastianbergmann/phpunit/commit/3aaddb1c5bd9b9b8d070b4cf120e71c36fd08412" }, { "reference_url": "https://github.com/sebastianbergmann/phpunit/pull/1955", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sebastianbergmann/phpunit/pull/1955" }, { "reference_url": "https://github.com/sebastianbergmann/phpunit/pull/1956", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/" } ], "url": "https://github.com/sebastianbergmann/phpunit/pull/1956" }, { "reference_url": "https://security.gentoo.org/glsa/201711-15", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/" } ], "url": "https://security.gentoo.org/glsa/201711-15" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9841", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9841" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com" }, { "reference_url": "http://www.securityfocus.com/bid/101798", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/" } ], "url": "http://www.securityfocus.com/bid/101798" }, { "reference_url": "http://www.securitytracker.com/id/1039812", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/" } ], "url": "http://www.securitytracker.com/id/1039812" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866200", "reference_id": "866200", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866200" }, { "reference_url": "https://security.archlinux.org/AVG-491", "reference_id": "AVG-491", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-491" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50702.py", "reference_id": "CVE-2017-9841", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50702.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9841", "reference_id": "CVE-2017-9841", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9841" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpunit/phpunit/CVE-2017-9841.yaml", "reference_id": "CVE-2017-9841.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpunit/phpunit/CVE-2017-9841.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-r7c9-c69m-rph8", "reference_id": "GHSA-r7c9-c69m-rph8", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r7c9-c69m-rph8" }, { "reference_url": "http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/", "reference_id": "phpunit.vulnbusters.com", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:09:44Z/" } ], "url": "http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/" }, { "reference_url": "https://usn.ubuntu.com/7171-1/", "reference_id": "USN-7171-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7171-1/" } ], "weaknesses": [ { "cwe_id": 94, "name": "Improper Control of Generation of Code ('Code Injection')", "description": "The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [ { "date_added": "2022-02-02", "description": "PHP Unit 4.8.28 - Remote Code Execution (RCE) (Unauthenticated)", "required_action": null, "due_date": null, "notes": null, "known_ransomware_campaign_use": false, "source_date_published": "2022-02-02", "exploit_type": "webapps", "platform": "php", "source_date_updated": "2022-02-02", "data_source": "Exploit-DB", "source_url": "" }, { "date_added": "2022-02-15", "description": "PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a \"<?php \" substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.", "required_action": "Apply updates per vendor instructions.", "due_date": "2022-08-15", "notes": "https://nvd.nist.gov/vuln/detail/CVE-2017-9841", "known_ransomware_campaign_use": false, "source_date_published": null, "exploit_type": null, "platform": null, "source_date_updated": null, "data_source": "KEV", "source_url": null } ], "severity_range_score": "9.0 - 10.0", "exploitability": "2.0", "weighted_severity": "9.0", "risk_score": 10.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ks7b-f17t-dfd4" }