Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-xjye-c992-3ydq
SummaryTYPO3 Unrestricted File Upload vulnerability
Aliases
0
alias CVE-2008-2717
1
alias GHSA-f35p-hcwf-9f9f
Fixed_packages
Affected_packages
0
url pkg:composer/typo3/cms-core@4.0.0
purl pkg:composer/typo3/cms-core@4.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-xjye-c992-3ydq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@4.0.0
1
url pkg:composer/typo3/cms-core@4.1.0
purl pkg:composer/typo3/cms-core@4.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n2w3-4hcd-kqgc
1
vulnerability VCID-xjye-c992-3ydq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@4.1.0
2
url pkg:composer/typo3/cms-core@4.2.0
purl pkg:composer/typo3/cms-core@4.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ccxq-cgyp-vydn
1
vulnerability VCID-n2w3-4hcd-kqgc
2
vulnerability VCID-xjye-c992-3ydq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@4.2.0
References
0
reference_url http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern
1
reference_url http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/
reference_id
reference_type
scores
url http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-2717
reference_id
reference_type
scores
0
value 0.00214
scoring_system epss
scoring_elements 0.44035
published_at 2026-06-11T12:55:00Z
1
value 0.00214
scoring_system epss
scoring_elements 0.44196
published_at 2026-06-14T12:55:00Z
2
value 0.00214
scoring_system epss
scoring_elements 0.44207
published_at 2026-06-13T12:55:00Z
3
value 0.00214
scoring_system epss
scoring_elements 0.44188
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-2717
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/42988
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/42988
4
reference_url https://github.com/TYPO3-CMS/core
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3-CMS/core
5
reference_url https://web.archive.org/web/20080815050856/http://securityreason.com/securityalert/3945
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080815050856/http://securityreason.com/securityalert/3945
6
reference_url https://web.archive.org/web/20081201212626/http://secunia.com/advisories/30619
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20081201212626/http://secunia.com/advisories/30619
7
reference_url https://web.archive.org/web/20081206030529/http://secunia.com/advisories/30660
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20081206030529/http://secunia.com/advisories/30660
8
reference_url https://web.archive.org/web/20200228131005/http://www.securityfocus.com/bid/29657
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228131005/http://www.securityfocus.com/bid/29657
9
reference_url https://web.archive.org/web/20201208012148/http://www.securityfocus.com/archive/1/493270/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201208012148/http://www.securityfocus.com/archive/1/493270/100/0/threaded
10
reference_url http://typo3.org/teams/security/security-bulletins/typo3-20080611-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-20080611-1
11
reference_url http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/
12
reference_url http://www.debian.org/security/2008/dsa-1596
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2008/dsa-1596
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-2717
reference_id CVE-2008-2717
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-2717
14
reference_url https://github.com/advisories/GHSA-f35p-hcwf-9f9f
reference_id GHSA-f35p-hcwf-9f9f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f35p-hcwf-9f9f
Weaknesses
0
cwe_id 434
name Unrestricted Upload of File with Dangerous Type
description The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 264
name Permissions, Privileges, and Access Controls
description Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
3
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-xjye-c992-3ydq