{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/360900?format=json","vulnerability_id":"VCID-4nzp-mvbw-5kax","summary":"CakePHP vulnerable to Denial of Service attack through XML payloads\nRequestHandlerComponent had a vulnerability that would allow well crafted requests to create a denial of service attack. RequestHandlerComponent leverages `Xml::build()` which allows reading local files. We recommend that all applications using RequestHandlerComponent upgrade, or disable parsing XML payloads.","aliases":[{"alias":"GHSA-q79m-c546-2g63"},{"alias":"GMS-2023-71"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401310?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.0-RC1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-yrzx-r3q3-43ej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.0-RC1"},{"url":"http://public2.vulnerablecode.io/api/packages/404347?format=json","purl":"pkg:composer/cakephp/cakephp@2.6.0-RC1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-yrzx-r3q3-43ej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.0-RC1"},{"url":"http://public2.vulnerablecode.io/api/packages/379969?format=json","purl":"pkg:composer/cakephp/cakephp@2.6.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.6"},{"url":"http://public2.vulnerablecode.io/api/packages/379967?format=json","purl":"pkg:composer/cakephp/cakephp@3.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-9fz7-k62h-eydd"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-yrzx-r3q3-43ej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.6"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388149?format=json","purl":"pkg:composer/cakephp/cakephp@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-8uvs-ff4c-gbf4"},{"vulnerability":"VCID-d5gm-79q5-hyg6"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/388411?format=json","purl":"pkg:composer/cakephp/cakephp@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/388412?format=json","purl":"pkg:composer/cakephp/cakephp@2.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/388413?format=json","purl":"pkg:composer/cakephp/cakephp@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/388414?format=json","purl":"pkg:composer/cakephp/cakephp@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/401307?format=json","purl":"pkg:composer/cakephp/cakephp@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-8uvs-ff4c-gbf4"},{"vulnerability":"VCID-d5gm-79q5-hyg6"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/401308?format=json","purl":"pkg:composer/cakephp/cakephp@2.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-8uvs-ff4c-gbf4"},{"vulnerability":"VCID-d5gm-79q5-hyg6"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/401309?format=json","purl":"pkg:composer/cakephp/cakephp@2.4.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-8uvs-ff4c-gbf4"},{"vulnerability":"VCID-d5gm-79q5-hyg6"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.4.7"},{"url":"http://public2.vulnerablecode.io/api/packages/379959?format=json","purl":"pkg:composer/cakephp/cakephp@2.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/404337?format=json","purl":"pkg:composer/cakephp/cakephp@2.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.4.9"},{"url":"http://public2.vulnerablecode.io/api/packages/404338?format=json","purl":"pkg:composer/cakephp/cakephp@2.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.4.10"},{"url":"http://public2.vulnerablecode.io/api/packages/388415?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/404339?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/404340?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/404341?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/404342?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/404343?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.5"},{"url":"http://public2.vulnerablecode.io/api/packages/404344?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/404345?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/404346?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.8"},{"url":"http://public2.vulnerablecode.io/api/packages/379900?format=json","purl":"pkg:composer/cakephp/cakephp@2.5.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-yrzx-r3q3-43ej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/388416?format=json","purl":"pkg:composer/cakephp/cakephp@2.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/404348?format=json","purl":"pkg:composer/cakephp/cakephp@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/404349?format=json","purl":"pkg:composer/cakephp/cakephp@2.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/404350?format=json","purl":"pkg:composer/cakephp/cakephp@2.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/404351?format=json","purl":"pkg:composer/cakephp/cakephp@2.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.4"},{"url":"http://public2.vulnerablecode.io/api/packages/404352?format=json","purl":"pkg:composer/cakephp/cakephp@2.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-pndg-eaey-2ydk"},{"vulnerability":"VCID-tuaz-rx17-huc6"},{"vulnerability":"VCID-ufhs-run3-kqag"},{"vulnerability":"VCID-v1q2-grgw-2fg2"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@2.6.5"},{"url":"http://public2.vulnerablecode.io/api/packages/15872?format=json","purl":"pkg:composer/cakephp/cakephp@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14jg-2a3x-r7b6"},{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-9fz7-k62h-eydd"},{"vulnerability":"VCID-kptr-z8uk-wfew"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/404226?format=json","purl":"pkg:composer/cakephp/cakephp@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14jg-2a3x-r7b6"},{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-9fz7-k62h-eydd"},{"vulnerability":"VCID-kptr-z8uk-wfew"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/404227?format=json","purl":"pkg:composer/cakephp/cakephp@3.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14jg-2a3x-r7b6"},{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-9fz7-k62h-eydd"},{"vulnerability":"VCID-kptr-z8uk-wfew"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/404228?format=json","purl":"pkg:composer/cakephp/cakephp@3.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14jg-2a3x-r7b6"},{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-9fz7-k62h-eydd"},{"vulnerability":"VCID-kptr-z8uk-wfew"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/379997?format=json","purl":"pkg:composer/cakephp/cakephp@3.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-9fz7-k62h-eydd"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/404354?format=json","purl":"pkg:composer/cakephp/cakephp@3.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-251n-1k53-57dd"},{"vulnerability":"VCID-3cx6-dpsf-xkhw"},{"vulnerability":"VCID-4nzp-mvbw-5kax"},{"vulnerability":"VCID-74cw-ufme-5yfh"},{"vulnerability":"VCID-9fz7-k62h-eydd"},{"vulnerability":"VCID-nsq5-7j7c-hbak"},{"vulnerability":"VCID-pjc3-66nj-mqe6"},{"vulnerability":"VCID-yrzx-r3q3-43ej"},{"vulnerability":"VCID-yzq8-e9u1-3bbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/cakephp/cakephp@3.0.5"}],"references":[{"reference_url":"https://bakery.cakephp.org/2015/05/28/cakephp_2_6_6_and_3_0_6_released.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bakery.cakephp.org/2015/05/28/cakephp_2_6_6_and_3_0_6_released.html"},{"reference_url":"https://github.com/cakephp/cakephp","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/cakephp/cakephp"},{"reference_url":"https://github.com/cakephp/cakephp/commit/c186487151356a8d7c6e2cae05f87b9df0e59fbb","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/cakephp/cakephp/commit/c186487151356a8d7c6e2cae05f87b9df0e59fbb"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/2015-05-28.yaml","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/2015-05-28.yaml"},{"reference_url":"https://github.com/advisories/GHSA-q79m-c546-2g63","reference_id":"GHSA-q79m-c546-2g63","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q79m-c546-2g63"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4nzp-mvbw-5kax"}