Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-v6ps-emz1-dyf7
Summary
Aliases
0
alias CVE-2026-45063
1
alias GHSA-ph86-p8f6-f9r2
Fixed_packages
0
url pkg:composer/symfony/security-http@5.4.52
purl pkg:composer/symfony/security-http@5.4.52
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.4.52
1
url pkg:composer/symfony/security-http@6.4.40
purl pkg:composer/symfony/security-http@6.4.40
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.4.40
2
url pkg:composer/symfony/security-http@7.4.12
purl pkg:composer/symfony/security-http@7.4.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@7.4.12
3
url pkg:composer/symfony/security-http@8.0.12
purl pkg:composer/symfony/security-http@8.0.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@8.0.12
4
url pkg:composer/symfony/symfony@5.4.52
purl pkg:composer/symfony/symfony@5.4.52
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.52
5
url pkg:composer/symfony/symfony@6.4.40
purl pkg:composer/symfony/symfony@6.4.40
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.4.40
6
url pkg:composer/symfony/symfony@7.4.12
purl pkg:composer/symfony/symfony@7.4.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.4.12
7
url pkg:composer/symfony/symfony@8.0.12
purl pkg:composer/symfony/symfony@8.0.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@8.0.12
8
url pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-erkb-sxtf-nkg2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@5.4.23%252Bdfsg-1%252Bdeb12u5%3Fdistro=trixie
9
url pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5
purl pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-erkb-sxtf-nkg2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@5.4.23%252Bdfsg-1%252Bdeb12u5
10
url pkg:deb/debian/symfony@5.4.53%2Bdfsg-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/symfony@5.4.53%2Bdfsg-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@5.4.53%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie
11
url pkg:deb/debian/symfony@6.4.21%2Bdfsg-2%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/symfony@6.4.21%2Bdfsg-2%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-erkb-sxtf-nkg2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@6.4.21%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie
12
url pkg:deb/debian/symfony@6.4.41%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/symfony@6.4.41%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@6.4.41%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
13
url pkg:deb/debian/symfony@7.4.12%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/symfony@7.4.12%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.12%252Bdfsg-1%3Fdistro=trixie
14
url pkg:deb/debian/symfony@7.4.13%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/symfony@7.4.13%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.13%252Bdfsg-1%3Fdistro=trixie
15
url pkg:deb/debian/symfony@7.4.13%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/symfony@7.4.13%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.13%252Bdfsg-2%3Fdistro=trixie
Affected_packages
0
url pkg:composer/symfony/security-http@6.0.0-BETA1
purl pkg:composer/symfony/security-http@6.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-erkb-sxtf-nkg2
1
vulnerability VCID-ugbv-tv7h-vqhx
2
vulnerability VCID-v6ps-emz1-dyf7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.0.0-BETA1
1
url pkg:composer/symfony/security-http@7.0.0-BETA1
purl pkg:composer/symfony/security-http@7.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-erkb-sxtf-nkg2
1
vulnerability VCID-ugbv-tv7h-vqhx
2
vulnerability VCID-v6ps-emz1-dyf7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@7.0.0-BETA1
2
url pkg:composer/symfony/security-http@8.0.0-BETA1
purl pkg:composer/symfony/security-http@8.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-v6ps-emz1-dyf7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@8.0.0-BETA1
3
url pkg:composer/symfony/symfony@6.0.0-BETA1
purl pkg:composer/symfony/symfony@6.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-v6ps-emz1-dyf7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.0-BETA1
4
url pkg:composer/symfony/symfony@7.0.0-BETA1
purl pkg:composer/symfony/symfony@7.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-v6ps-emz1-dyf7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.0.0-BETA1
5
url pkg:composer/symfony/symfony@8.0.0-BETA1
purl pkg:composer/symfony/symfony@8.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-v6ps-emz1-dyf7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@8.0.0-BETA1
6
url pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6?distro=trixie
purl pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pc9-4jbr-3fhc
1
vulnerability VCID-35re-tren-cugq
2
vulnerability VCID-3vye-18hy-g3fe
3
vulnerability VCID-478d-h11p-3ug2
4
vulnerability VCID-6juv-bmep-e7ap
5
vulnerability VCID-8knv-mxc6-fqgd
6
vulnerability VCID-9cy2-jqaz-fyh3
7
vulnerability VCID-bufg-g7uk-73fg
8
vulnerability VCID-cgmu-1un1-mbb5
9
vulnerability VCID-erkb-sxtf-nkg2
10
vulnerability VCID-hssw-scdz-ryd6
11
vulnerability VCID-hv18-15ee-2yf1
12
vulnerability VCID-k1ya-kxak-9qf8
13
vulnerability VCID-nn8d-7fuj-hbdc
14
vulnerability VCID-v6ps-emz1-dyf7
15
vulnerability VCID-vvhq-xt12-nbez
16
vulnerability VCID-xu6g-xjg8-67ew
17
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@4.4.19%252Bdfsg-2%252Bdeb11u6%3Fdistro=trixie
7
url pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6
purl pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pc9-4jbr-3fhc
1
vulnerability VCID-35re-tren-cugq
2
vulnerability VCID-3vye-18hy-g3fe
3
vulnerability VCID-478d-h11p-3ug2
4
vulnerability VCID-6aj5-vhfg-qkgk
5
vulnerability VCID-6juv-bmep-e7ap
6
vulnerability VCID-8knv-mxc6-fqgd
7
vulnerability VCID-8trz-ymga-uqdb
8
vulnerability VCID-9cy2-jqaz-fyh3
9
vulnerability VCID-bufg-g7uk-73fg
10
vulnerability VCID-cgmu-1un1-mbb5
11
vulnerability VCID-erkb-sxtf-nkg2
12
vulnerability VCID-hssw-scdz-ryd6
13
vulnerability VCID-hv18-15ee-2yf1
14
vulnerability VCID-k1ya-kxak-9qf8
15
vulnerability VCID-nn8d-7fuj-hbdc
16
vulnerability VCID-v6ps-emz1-dyf7
17
vulnerability VCID-vvhq-xt12-nbez
18
vulnerability VCID-xu6g-xjg8-67ew
19
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@4.4.19%252Bdfsg-2%252Bdeb11u6
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-45063
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17344
published_at 2026-06-13T12:55:00Z
1
value 0.00054
scoring_system epss
scoring_elements 0.17329
published_at 2026-06-12T12:55:00Z
2
value 0.00069
scoring_system epss
scoring_elements 0.21493
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-45063
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-45063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-45063
2
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
3
reference_url https://github.com/symfony/symfony/commit/ccb3f724c7ff55670a6fe3521c7bf1514cceb478
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/ccb3f724c7ff55670a6fe3521c7bf1514cceb478
4
reference_url https://symfony.com/cve-2026-45063
reference_id CVE-2026-45063
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2026-45063
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2026-45063.yaml
reference_id CVE-2026-45063.YAML
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2026-45063.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2026-45063.yaml
reference_id CVE-2026-45063.YAML
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2026-45063.yaml
7
reference_url https://github.com/advisories/GHSA-ph86-p8f6-f9r2
reference_id GHSA-ph86-p8f6-f9r2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ph86-p8f6-f9r2
8
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-ph86-p8f6-f9r2
reference_id GHSA-ph86-p8f6-f9r2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/security/advisories/GHSA-ph86-p8f6-f9r2
Weaknesses
0
cwe_id 290
name Authentication Bypass by Spoofing
description This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-v6ps-emz1-dyf7