Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/drupal/core@9.2.13
Typecomposer
Namespacedrupal
Namecore
Version9.2.13
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version9.2.16
Latest_non_vulnerable_version11.2.8
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2g67-a42m-qfbh
vulnerability_id VCID-2g67-a42m-qfbh
summary 
Improper Input Validation
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.
references
0
reference_url https://www.drupal.org/sa-core-2022-003
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2022-003
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25271
reference_id CVE-2022-25271
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-25271
fixed_packages
0
url pkg:composer/drupal/core@8.0.0
purl pkg:composer/drupal/core@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2989-fmjz-nkby
1
vulnerability VCID-2fas-m6vh-myhc
2
vulnerability VCID-2t34-82p3-73c3
3
vulnerability VCID-31qy-vagp-83b6
4
vulnerability VCID-3xk4-qwaq-5yaj
5
vulnerability VCID-4dpp-gg2v-q3et
6
vulnerability VCID-56ze-2yw2-bfh8
7
vulnerability VCID-5c5c-m7ba-kqct
8
vulnerability VCID-7v89-2sss-hfaz
9
vulnerability VCID-9nk8-dban-g7h9
10
vulnerability VCID-a3s2-c4k2-4ufn
11
vulnerability VCID-a4u4-ga84-wyf9
12
vulnerability VCID-a7ss-tkb6-gkge
13
vulnerability VCID-ah3h-t9qa-gudr
14
vulnerability VCID-ard5-3cjv-1beu
15
vulnerability VCID-asm8-guag-b3ep
16
vulnerability VCID-avmn-kqky-83dd
17
vulnerability VCID-ay6b-1a7z-qkas
18
vulnerability VCID-bq2j-t19h-zyad
19
vulnerability VCID-dav9-pgdh-8yey
20
vulnerability VCID-dyhz-g3nv-yuc3
21
vulnerability VCID-e12q-qavs-qybu
22
vulnerability VCID-e8un-nbkk-cbf9
23
vulnerability VCID-egtv-y9w1-skgr
24
vulnerability VCID-jrhg-3271-tqdy
25
vulnerability VCID-kzrs-mrga-nyej
26
vulnerability VCID-mm13-6dhq-nqfb
27
vulnerability VCID-myja-t33q-q3cv
28
vulnerability VCID-nacy-y1qt-5yhb
29
vulnerability VCID-ng6g-hvc2-bkg4
30
vulnerability VCID-p54u-b18k-jyft
31
vulnerability VCID-pgnc-fq4m-3kaz
32
vulnerability VCID-pmmq-8s2m-h7dp
33
vulnerability VCID-pnme-dc73-efcb
34
vulnerability VCID-qsuc-53pg-zkda
35
vulnerability VCID-rd4g-h1j9-23cb
36
vulnerability VCID-rsc6-y1uv-6bfq
37
vulnerability VCID-t89y-c9hq-9bhk
38
vulnerability VCID-ta99-gcmk-2qc8
39
vulnerability VCID-tpzm-u3qp-akc8
40
vulnerability VCID-w4ks-ufnz-vfav
41
vulnerability VCID-wapd-e3mu-sffn
42
vulnerability VCID-wsv7-je8g-sqet
43
vulnerability VCID-wszp-2es5-z7fy
44
vulnerability VCID-x34m-u169-1bce
45
vulnerability VCID-y1nb-prqc-suaj
46
vulnerability VCID-yq4q-hydz-vuga
47
vulnerability VCID-yygb-pp11-5udj
48
vulnerability VCID-zqer-y4s4-hqhy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.0.0
1
url pkg:composer/drupal/core@9.2.13
purl pkg:composer/drupal/core@9.2.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.13
2
url pkg:composer/drupal/core@9.3.6
purl pkg:composer/drupal/core@9.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r1hd-d39y-syhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.6
aliases CVE-2022-25271
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2g67-a42m-qfbh
1
url VCID-ydy1-x277-1fhj
vulnerability_id VCID-ydy1-x277-1fhj
summary 
Incorrect Authorization
The Quick Edit module does not properly check entity access in some circumstances. This could result in users with the "access in-place editing" permission viewing some content they are are not authorized to access. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed.
references
0
reference_url https://www.drupal.org/sa-core-2022-004
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2022-004
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25270
reference_id CVE-2022-25270
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-25270
fixed_packages
0
url pkg:composer/drupal/core@9.2.13
purl pkg:composer/drupal/core@9.2.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.13
1
url pkg:composer/drupal/core@9.3.6
purl pkg:composer/drupal/core@9.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r1hd-d39y-syhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.6
aliases CVE-2022-25270
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ydy1-x277-1fhj
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.13