Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/goalgorilla/open_social@11.2.11
Typecomposer
Namespacegoalgorilla
Nameopen_social
Version11.2.11
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version12.3.11
Latest_non_vulnerable_version13.0.0-alpha11
Affected_by_vulnerabilities
0
url VCID-k8m9-zwyn-yqgt
vulnerability_id VCID-k8m9-zwyn-yqgt
summary Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-31686
reference_id
reference_type
scores
0
value 0.00388
scoring_system epss
scoring_elements 0.60324
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-31686
1
reference_url https://github.com/goalgorilla/open_social
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/goalgorilla/open_social
2
reference_url https://github.com/goalgorilla/open_social/commit/6830b1788616fc24fb3913ce88c5d997a363a5de
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/goalgorilla/open_social/commit/6830b1788616fc24fb3913ce88c5d997a363a5de
3
reference_url https://github.com/goalgorilla/open_social/commit/6fa5181901d4be3a64793f29c6ce0c9bd535a42f
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/goalgorilla/open_social/commit/6fa5181901d4be3a64793f29c6ce0c9bd535a42f
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-31686
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-31686
5
reference_url https://github.com/advisories/GHSA-m9w8-wxvp-c9gv
reference_id GHSA-m9w8-wxvp-c9gv
reference_type
scores
url https://github.com/advisories/GHSA-m9w8-wxvp-c9gv
6
reference_url https://www.drupal.org/sa-contrib-2025-015
reference_id sa-contrib-2025-015
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:28:34Z/
url https://www.drupal.org/sa-contrib-2025-015
fixed_packages
0
url pkg:composer/goalgorilla/open_social@12.3.11
purl pkg:composer/goalgorilla/open_social@12.3.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/goalgorilla/open_social@12.3.11
1
url pkg:composer/goalgorilla/open_social@12.4.10
purl pkg:composer/goalgorilla/open_social@12.4.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/goalgorilla/open_social@12.4.10
aliases CVE-2025-31686, GHSA-m9w8-wxvp-c9gv
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k8m9-zwyn-yqgt
1
url VCID-ukbz-76ea-mqc3
vulnerability_id VCID-ukbz-76ea-mqc3
summary Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-13274
reference_id
reference_type
scores
0
value 0.00239
scoring_system epss
scoring_elements 0.47235
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-13274
1
reference_url https://github.com/goalgorilla/open_social
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/goalgorilla/open_social
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-13274
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-13274
3
reference_url https://github.com/advisories/GHSA-63wg-87qv-rw4r
reference_id GHSA-63wg-87qv-rw4r
reference_type
scores
url https://github.com/advisories/GHSA-63wg-87qv-rw4r
4
reference_url https://www.drupal.org/sa-contrib-2024-038
reference_id sa-contrib-2024-038
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-14T17:08:00Z/
url https://www.drupal.org/sa-contrib-2024-038
fixed_packages
0
url pkg:composer/goalgorilla/open_social@12.3.8
purl pkg:composer/goalgorilla/open_social@12.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-k8m9-zwyn-yqgt
1
vulnerability VCID-ursh-mu5k-efdk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/goalgorilla/open_social@12.3.8
1
url pkg:composer/goalgorilla/open_social@12.4.5
purl pkg:composer/goalgorilla/open_social@12.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-k8m9-zwyn-yqgt
1
vulnerability VCID-ursh-mu5k-efdk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/goalgorilla/open_social@12.4.5
2
url pkg:composer/goalgorilla/open_social@13.0.0-alpha11
purl pkg:composer/goalgorilla/open_social@13.0.0-alpha11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/goalgorilla/open_social@13.0.0-alpha11
aliases CVE-2024-13274, GHSA-63wg-87qv-rw4r
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ukbz-76ea-mqc3
2
url VCID-ursh-mu5k-efdk
vulnerability_id VCID-ursh-mu5k-efdk
summary Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-31685
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59485
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-31685
1
reference_url https://github.com/goalgorilla/open_social
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/goalgorilla/open_social
2
reference_url https://github.com/goalgorilla/open_social/commit/52c531e156fb8653e47ab99df432c4fb9651f36e
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/goalgorilla/open_social/commit/52c531e156fb8653e47ab99df432c4fb9651f36e
3
reference_url https://github.com/goalgorilla/open_social/commit/6ebeed01c83dc4947a5c3689bc33b4deca574473
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/goalgorilla/open_social/commit/6ebeed01c83dc4947a5c3689bc33b4deca574473
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-31685
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-31685
5
reference_url https://github.com/advisories/GHSA-gf72-h4cp-wcm4
reference_id GHSA-gf72-h4cp-wcm4
reference_type
scores
url https://github.com/advisories/GHSA-gf72-h4cp-wcm4
6
reference_url https://www.drupal.org/sa-contrib-2025-014
reference_id sa-contrib-2025-014
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:29:45Z/
url https://www.drupal.org/sa-contrib-2025-014
fixed_packages
0
url pkg:composer/goalgorilla/open_social@12.3.11
purl pkg:composer/goalgorilla/open_social@12.3.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/goalgorilla/open_social@12.3.11
1
url pkg:composer/goalgorilla/open_social@12.4.10
purl pkg:composer/goalgorilla/open_social@12.4.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/goalgorilla/open_social@12.4.10
aliases CVE-2025-31685, GHSA-gf72-h4cp-wcm4
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ursh-mu5k-efdk
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/goalgorilla/open_social@11.2.11