Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/31270?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31270?format=api", "vulnerability_id": "VCID-ghbw-eqaz-jqhs", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 11.0.0 and prior to version 11.3.0, when setting `WEBSOCKETS_GRAPHQL_AUTH` or `WEBSOCKETS_REST_AUTH` to \"public\", an unauthenticated user is able to do any of the supported operations (CRUD, subscriptions) with full admin privileges. This impacts any Directus instance that has either `WEBSOCKETS_GRAPHQL_AUTH` or `WEBSOCKETS_REST_AUTH` set to `public` allowing unauthenticated users to subscribe for changes on any collection or do REST CRUD operations on user defined collections ignoring permissions. Version 11.3.0 fixes the issue.", "aliases": [ { "alias": "CVE-2024-54151" }, { "alias": "GHSA-849r-qrwj-8rv4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372324?format=api", "purl": "pkg:npm/directus@11.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/372325?format=api", "purl": "pkg:npm/%40directus/api@23.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-ufth-uy5w-87fe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540directus/api@23.2.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33465?format=api", "purl": "pkg:npm/directus@11.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-3vnr-k31f-vycv" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/740846?format=api", "purl": "pkg:npm/directus@11.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-3vnr-k31f-vycv" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/740847?format=api", "purl": "pkg:npm/directus@11.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-3vnr-k31f-vycv" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/33329?format=api", "purl": "pkg:npm/directus@11.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-3vnr-k31f-vycv" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/767180?format=api", "purl": "pkg:npm/directus@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-3vnr-k31f-vycv" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/377389?format=api", "purl": "pkg:npm/directus@11.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/376928?format=api", "purl": "pkg:npm/directus@11.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/767181?format=api", "purl": "pkg:npm/directus@11.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/372522?format=api", "purl": "pkg:npm/directus@11.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/33326?format=api", "purl": "pkg:npm/%40directus/api@22.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-3vnr-k31f-vycv" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-ufth-uy5w-87fe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540directus/api@22.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/767440?format=api", "purl": "pkg:npm/%40directus/api@23.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-3vnr-k31f-vycv" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-ufth-uy5w-87fe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540directus/api@23.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/377390?format=api", "purl": "pkg:npm/%40directus/api@23.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-ufth-uy5w-87fe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540directus/api@23.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/767441?format=api", "purl": "pkg:npm/%40directus/api@23.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-ufth-uy5w-87fe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540directus/api@23.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/767442?format=api", "purl": "pkg:npm/%40directus/api@23.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-ufth-uy5w-87fe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540directus/api@23.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/767443?format=api", "purl": "pkg:npm/%40directus/api@23.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-ufth-uy5w-87fe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540directus/api@23.1.3" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-54151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.6754", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67529", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67542", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67438", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-54151" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54151", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54151" }, { "reference_url": "https://github.com/directus/directus/commit/ce0397d16cf767b5293cd57f626c5349b5732a21", "reference_id": "ce0397d16cf767b5293cd57f626c5349b5732a21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-10T16:10:28Z/" } ], "url": "https://github.com/directus/directus/commit/ce0397d16cf767b5293cd57f626c5349b5732a21" }, { "reference_url": "https://github.com/advisories/GHSA-849r-qrwj-8rv4", "reference_id": "GHSA-849r-qrwj-8rv4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-849r-qrwj-8rv4" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-849r-qrwj-8rv4", "reference_id": "GHSA-849r-qrwj-8rv4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-10T16:10:28Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-849r-qrwj-8rv4" } ], "weaknesses": [ { "cwe_id": 200, "name": "Exposure of Sensitive Information to an Unauthorized Actor", "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ghbw-eqaz-jqhs" }