Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-qscu-huud-4fbz
SummarySymfony Vulnerable to SQL Injection in PdoAdapter::doClear() via Unsanitized $prefix
Aliases
0
alias CVE-2026-45073
1
alias GHSA-6qh9-h6wf-jgqc
Fixed_packages
0
url pkg:composer/symfony/cache@5.4.52
purl pkg:composer/symfony/cache@5.4.52
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/cache@5.4.52
1
url pkg:composer/symfony/cache@6.4.40
purl pkg:composer/symfony/cache@6.4.40
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/cache@6.4.40
2
url pkg:composer/symfony/cache@7.4.12
purl pkg:composer/symfony/cache@7.4.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/cache@7.4.12
3
url pkg:composer/symfony/cache@8.0.12
purl pkg:composer/symfony/cache@8.0.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/cache@8.0.12
4
url pkg:composer/symfony/symfony@5.4.52
purl pkg:composer/symfony/symfony@5.4.52
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.52
5
url pkg:composer/symfony/symfony@6.4.40
purl pkg:composer/symfony/symfony@6.4.40
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.4.40
6
url pkg:composer/symfony/symfony@7.4.12
purl pkg:composer/symfony/symfony@7.4.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.4.12
7
url pkg:composer/symfony/symfony@8.0.12
purl pkg:composer/symfony/symfony@8.0.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@8.0.12
8
url pkg:deb/debian/symfony@7.4.12%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/symfony@7.4.12%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.12%252Bdfsg-1%3Fdistro=trixie
9
url pkg:deb/debian/symfony@7.4.13%2Bdfsg-1
purl pkg:deb/debian/symfony@7.4.13%2Bdfsg-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.13%252Bdfsg-1
10
url pkg:deb/debian/symfony@7.4.13%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/symfony@7.4.13%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.13%252Bdfsg-1%3Fdistro=trixie
Affected_packages
0
url pkg:composer/symfony/cache@6.0.0
purl pkg:composer/symfony/cache@6.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qscu-huud-4fbz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/cache@6.0.0
1
url pkg:composer/symfony/cache@7.0.0
purl pkg:composer/symfony/cache@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qscu-huud-4fbz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/cache@7.0.0
2
url pkg:composer/symfony/cache@8.0.0
purl pkg:composer/symfony/cache@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qscu-huud-4fbz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/cache@8.0.0
3
url pkg:composer/symfony/symfony@6.0.0
purl pkg:composer/symfony/symfony@6.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-6kq8-5k4z-27f2
2
vulnerability VCID-7pwc-t6vf-eyax
3
vulnerability VCID-9mbr-qumx-8yhz
4
vulnerability VCID-brbn-9szp-2ubx
5
vulnerability VCID-d7r9-9h57-5yen
6
vulnerability VCID-dmsr-jrsf-tqdu
7
vulnerability VCID-gd71-zeaf-zqbr
8
vulnerability VCID-kxff-fp12-qfcu
9
vulnerability VCID-mqjv-9ptq-q3g9
10
vulnerability VCID-mxta-zqzb-nfbv
11
vulnerability VCID-mzxb-ryz7-xbev
12
vulnerability VCID-nsrm-u4km-qqa1
13
vulnerability VCID-qscu-huud-4fbz
14
vulnerability VCID-usft-rqta-eyhg
15
vulnerability VCID-uvpz-6mss-9bgn
16
vulnerability VCID-wtr6-xz9n-uqg3
17
vulnerability VCID-wv5b-2644-w3gf
18
vulnerability VCID-ya1e-7bph-pqgp
19
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.0
4
url pkg:composer/symfony/symfony@7.0.0
purl pkg:composer/symfony/symfony@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4e6m-3qj2-67ag
1
vulnerability VCID-4ufx-41vp-ducg
2
vulnerability VCID-5113-3b42-j3eh
3
vulnerability VCID-6kq8-5k4z-27f2
4
vulnerability VCID-8akz-87u4-7uh9
5
vulnerability VCID-8vur-b48u-pqeu
6
vulnerability VCID-9mbr-qumx-8yhz
7
vulnerability VCID-brbn-9szp-2ubx
8
vulnerability VCID-d7r9-9h57-5yen
9
vulnerability VCID-dmsr-jrsf-tqdu
10
vulnerability VCID-dw66-36y1-g7hz
11
vulnerability VCID-gd71-zeaf-zqbr
12
vulnerability VCID-kxff-fp12-qfcu
13
vulnerability VCID-mqjv-9ptq-q3g9
14
vulnerability VCID-mzxb-ryz7-xbev
15
vulnerability VCID-nsrm-u4km-qqa1
16
vulnerability VCID-qscu-huud-4fbz
17
vulnerability VCID-usft-rqta-eyhg
18
vulnerability VCID-wtr6-xz9n-uqg3
19
vulnerability VCID-wv5b-2644-w3gf
20
vulnerability VCID-ya1e-7bph-pqgp
21
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.0.0
5
url pkg:composer/symfony/symfony@8.0.0
purl pkg:composer/symfony/symfony@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rs1-f6qt-vqbn
1
vulnerability VCID-4e6m-3qj2-67ag
2
vulnerability VCID-4ufx-41vp-ducg
3
vulnerability VCID-5113-3b42-j3eh
4
vulnerability VCID-5qmw-a84t-dfge
5
vulnerability VCID-5uge-2gtu-tkdw
6
vulnerability VCID-8akz-87u4-7uh9
7
vulnerability VCID-8vur-b48u-pqeu
8
vulnerability VCID-brbn-9szp-2ubx
9
vulnerability VCID-d7r9-9h57-5yen
10
vulnerability VCID-gd71-zeaf-zqbr
11
vulnerability VCID-hkcs-2mjk-ubhw
12
vulnerability VCID-hvyj-6dw1-v3dm
13
vulnerability VCID-kxff-fp12-qfcu
14
vulnerability VCID-mzxb-ryz7-xbev
15
vulnerability VCID-nsrm-u4km-qqa1
16
vulnerability VCID-qscu-huud-4fbz
17
vulnerability VCID-usft-rqta-eyhg
18
vulnerability VCID-wv5b-2644-w3gf
19
vulnerability VCID-x5hp-7y5c-4qep
20
vulnerability VCID-x92g-y871-7bdk
21
vulnerability VCID-ya1e-7bph-pqgp
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@8.0.0
6
url pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6
purl pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
1
vulnerability VCID-3rs1-f6qt-vqbn
2
vulnerability VCID-9cfq-wdcw-13f8
3
vulnerability VCID-brbn-9szp-2ubx
4
vulnerability VCID-buyw-5tjv-myem
5
vulnerability VCID-cfca-cgne-4fev
6
vulnerability VCID-d7r9-9h57-5yen
7
vulnerability VCID-gd71-zeaf-zqbr
8
vulnerability VCID-kxff-fp12-qfcu
9
vulnerability VCID-mqjv-9ptq-q3g9
10
vulnerability VCID-mzxb-ryz7-xbev
11
vulnerability VCID-nsrm-u4km-qqa1
12
vulnerability VCID-qscu-huud-4fbz
13
vulnerability VCID-styq-7bbp-pbf6
14
vulnerability VCID-usft-rqta-eyhg
15
vulnerability VCID-wv5b-2644-w3gf
16
vulnerability VCID-ya1e-7bph-pqgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@4.4.19%252Bdfsg-2%252Bdeb11u6
7
url pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6?distro=trixie
purl pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
1
vulnerability VCID-3rs1-f6qt-vqbn
2
vulnerability VCID-9cfq-wdcw-13f8
3
vulnerability VCID-brbn-9szp-2ubx
4
vulnerability VCID-buyw-5tjv-myem
5
vulnerability VCID-cfca-cgne-4fev
6
vulnerability VCID-d7r9-9h57-5yen
7
vulnerability VCID-gd71-zeaf-zqbr
8
vulnerability VCID-kxff-fp12-qfcu
9
vulnerability VCID-mqjv-9ptq-q3g9
10
vulnerability VCID-mzxb-ryz7-xbev
11
vulnerability VCID-nsrm-u4km-qqa1
12
vulnerability VCID-qscu-huud-4fbz
13
vulnerability VCID-styq-7bbp-pbf6
14
vulnerability VCID-usft-rqta-eyhg
15
vulnerability VCID-wv5b-2644-w3gf
16
vulnerability VCID-ya1e-7bph-pqgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@4.4.19%252Bdfsg-2%252Bdeb11u6%3Fdistro=trixie
8
url pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5
purl pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
1
vulnerability VCID-9cfq-wdcw-13f8
2
vulnerability VCID-brbn-9szp-2ubx
3
vulnerability VCID-buyw-5tjv-myem
4
vulnerability VCID-cfca-cgne-4fev
5
vulnerability VCID-d7r9-9h57-5yen
6
vulnerability VCID-gd71-zeaf-zqbr
7
vulnerability VCID-kxff-fp12-qfcu
8
vulnerability VCID-mzxb-ryz7-xbev
9
vulnerability VCID-nsrm-u4km-qqa1
10
vulnerability VCID-qscu-huud-4fbz
11
vulnerability VCID-styq-7bbp-pbf6
12
vulnerability VCID-usft-rqta-eyhg
13
vulnerability VCID-wv5b-2644-w3gf
14
vulnerability VCID-ya1e-7bph-pqgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@5.4.23%252Bdfsg-1%252Bdeb12u5
9
url pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
1
vulnerability VCID-9cfq-wdcw-13f8
2
vulnerability VCID-brbn-9szp-2ubx
3
vulnerability VCID-buyw-5tjv-myem
4
vulnerability VCID-cfca-cgne-4fev
5
vulnerability VCID-d7r9-9h57-5yen
6
vulnerability VCID-gd71-zeaf-zqbr
7
vulnerability VCID-kxff-fp12-qfcu
8
vulnerability VCID-mzxb-ryz7-xbev
9
vulnerability VCID-nsrm-u4km-qqa1
10
vulnerability VCID-qscu-huud-4fbz
11
vulnerability VCID-styq-7bbp-pbf6
12
vulnerability VCID-usft-rqta-eyhg
13
vulnerability VCID-wv5b-2644-w3gf
14
vulnerability VCID-ya1e-7bph-pqgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@5.4.23%252Bdfsg-1%252Bdeb12u5%3Fdistro=trixie
10
url pkg:deb/debian/symfony@6.4.21%2Bdfsg-2%2Bdeb13u1
purl pkg:deb/debian/symfony@6.4.21%2Bdfsg-2%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
1
vulnerability VCID-3rs1-f6qt-vqbn
2
vulnerability VCID-4e6m-3qj2-67ag
3
vulnerability VCID-4ufx-41vp-ducg
4
vulnerability VCID-5113-3b42-j3eh
5
vulnerability VCID-5qmw-a84t-dfge
6
vulnerability VCID-8akz-87u4-7uh9
7
vulnerability VCID-8vur-b48u-pqeu
8
vulnerability VCID-9cfq-wdcw-13f8
9
vulnerability VCID-brbn-9szp-2ubx
10
vulnerability VCID-btxp-ywr3-ukgj
11
vulnerability VCID-buyw-5tjv-myem
12
vulnerability VCID-cfca-cgne-4fev
13
vulnerability VCID-d7r9-9h57-5yen
14
vulnerability VCID-fh6h-dyx9-83h1
15
vulnerability VCID-gd71-zeaf-zqbr
16
vulnerability VCID-kxff-fp12-qfcu
17
vulnerability VCID-mzxb-ryz7-xbev
18
vulnerability VCID-nsrm-u4km-qqa1
19
vulnerability VCID-qscu-huud-4fbz
20
vulnerability VCID-styq-7bbp-pbf6
21
vulnerability VCID-usft-rqta-eyhg
22
vulnerability VCID-wv5b-2644-w3gf
23
vulnerability VCID-ya1e-7bph-pqgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@6.4.21%252Bdfsg-2%252Bdeb13u1
11
url pkg:deb/debian/symfony@6.4.21%2Bdfsg-2%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/symfony@6.4.21%2Bdfsg-2%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
1
vulnerability VCID-3rs1-f6qt-vqbn
2
vulnerability VCID-4e6m-3qj2-67ag
3
vulnerability VCID-4ufx-41vp-ducg
4
vulnerability VCID-5113-3b42-j3eh
5
vulnerability VCID-5qmw-a84t-dfge
6
vulnerability VCID-8akz-87u4-7uh9
7
vulnerability VCID-8vur-b48u-pqeu
8
vulnerability VCID-9cfq-wdcw-13f8
9
vulnerability VCID-brbn-9szp-2ubx
10
vulnerability VCID-btxp-ywr3-ukgj
11
vulnerability VCID-buyw-5tjv-myem
12
vulnerability VCID-cfca-cgne-4fev
13
vulnerability VCID-d7r9-9h57-5yen
14
vulnerability VCID-fh6h-dyx9-83h1
15
vulnerability VCID-gd71-zeaf-zqbr
16
vulnerability VCID-kxff-fp12-qfcu
17
vulnerability VCID-mzxb-ryz7-xbev
18
vulnerability VCID-nsrm-u4km-qqa1
19
vulnerability VCID-qscu-huud-4fbz
20
vulnerability VCID-styq-7bbp-pbf6
21
vulnerability VCID-usft-rqta-eyhg
22
vulnerability VCID-wv5b-2644-w3gf
23
vulnerability VCID-ya1e-7bph-pqgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@6.4.21%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie
References
0
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
1
reference_url https://github.com/symfony/symfony/commit/ec50b799d79ebe24561f29351c1efcb6da95c9b
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/ec50b799d79ebe24561f29351c1efcb6da95c9b
2
reference_url https://symfony.com/cve-2026-45073
reference_id CVE-2026-45073
reference_type
scores
0
value 5.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2026-45073
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2026-45073.yaml
reference_id CVE-2026-45073.YAML
reference_type
scores
0
value 5.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2026-45073.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2026-45073.yaml
reference_id CVE-2026-45073.YAML
reference_type
scores
0
value 5.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2026-45073.yaml
5
reference_url https://github.com/advisories/GHSA-6qh9-h6wf-jgqc
reference_id GHSA-6qh9-h6wf-jgqc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6qh9-h6wf-jgqc
6
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-6qh9-h6wf-jgqc
reference_id GHSA-6qh9-h6wf-jgqc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 5.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/security/advisories/GHSA-6qh9-h6wf-jgqc
Weaknesses
0
cwe_id 89
name Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
description The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-qscu-huud-4fbz