Medium severity5.5NVD Advisory· Published Dec 31, 2022· Updated Jun 17, 2026
CVE-2017-20157
CVE-2017-20157
Description
A vulnerability was found in Ariadne Component Library up to 2.x. It has been classified as critical. Affected is an unknown function of the file src/url/Url.php. The manipulation leads to server-side request forgery. Upgrading to version 3.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217140.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
arc/webPackagist | < 3.0 | 3.0 |
Affected products
2- Ariadne/Component Libraryv5Range: 2.x
Patches
Vulnerability mechanics
References
6- github.com/Ariadne-CMS/arc-web/commit/1feb1cc11e6c9f218408f15f53f537ea0d788656nvdPatchThird Party AdvisoryWEB
- github.com/Ariadne-CMS/arc-web/releases/tag/3.0nvdRelease NotesThird Party AdvisoryWEB
- github.com/advisories/GHSA-qr97-v87p-x965ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-20157ghsaADVISORY
- vuldb.comnvdThird Party AdvisoryWEB
- vuldb.comnvdThird Party AdvisoryWEB
News mentions
0No linked articles in our index yet.