Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
1108.2%MEDIUM

Related CVEs

1
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2026-27968Packistry is a self-hosted Composer repository designed to handle PHP package distribution. Prior to version 0.13.0, RepositoryAwareController::authorize() verified token presence and ability, but did not enforce token expiration. As a result, an expired deploy token with the correct ability could still access repository endpoints (e.g., Composer metadata/download APIs). The fix in version 0.13.0 adds an explicit expiration check, and tests now test expired deploy tokens to ensure they are rejected.MEDIUM4.38.2%Feb 26, 2026