Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-hytp-ymst-wydu
Summary
Aliases
0
alias CVE-2020-11671
1
alias GHSA-gmr7-m73x-6c9q
Fixed_packages
0
url pkg:composer/nilsteampassnet/teampass@3.0.0
purl pkg:composer/nilsteampassnet/teampass@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dkf-xbbk-d7ej
1
vulnerability VCID-3ep8-e51b-wygf
2
vulnerability VCID-7uys-bmga-vyf6
3
vulnerability VCID-8ccd-ebn8-w7ca
4
vulnerability VCID-9b52-k67m-7fb9
5
vulnerability VCID-a7h6-fstf-kqee
6
vulnerability VCID-f4pc-cnmz-xuds
7
vulnerability VCID-fq8k-9rzx-d3h9
8
vulnerability VCID-gapw-p82p-5ffg
9
vulnerability VCID-gccz-1apc-nbc7
10
vulnerability VCID-hsc2-ujdn-akd9
11
vulnerability VCID-j45n-ee9b-jkfu
12
vulnerability VCID-jfjy-mp8x-7bay
13
vulnerability VCID-nerp-rft5-e7hu
14
vulnerability VCID-p8s7-qwsb-sucm
15
vulnerability VCID-s72e-wwmn-5udy
16
vulnerability VCID-sbzn-52hj-2fem
17
vulnerability VCID-ttgj-91qs-1kb1
18
vulnerability VCID-vbq8-3npj-fudc
19
vulnerability VCID-vsm8-3aay-zugs
20
vulnerability VCID-w3sd-njh7-dka9
21
vulnerability VCID-yjg1-e2zq-qbh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.0
Affected_packages
0
url pkg:composer/nilsteampassnet/teampass@2.1.21
purl pkg:composer/nilsteampassnet/teampass@2.1.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dkf-xbbk-d7ej
1
vulnerability VCID-3ep8-e51b-wygf
2
vulnerability VCID-7uys-bmga-vyf6
3
vulnerability VCID-8ccd-ebn8-w7ca
4
vulnerability VCID-9b52-k67m-7fb9
5
vulnerability VCID-a7h6-fstf-kqee
6
vulnerability VCID-atka-cwfk-1qft
7
vulnerability VCID-f256-8ace-tkfz
8
vulnerability VCID-f4pc-cnmz-xuds
9
vulnerability VCID-fq8k-9rzx-d3h9
10
vulnerability VCID-gapw-p82p-5ffg
11
vulnerability VCID-gccz-1apc-nbc7
12
vulnerability VCID-ge6p-wb66-23h1
13
vulnerability VCID-h7b6-7zyw-2ubd
14
vulnerability VCID-hsc2-ujdn-akd9
15
vulnerability VCID-hytp-ymst-wydu
16
vulnerability VCID-j45n-ee9b-jkfu
17
vulnerability VCID-jfjy-mp8x-7bay
18
vulnerability VCID-kasr-phan-wfe1
19
vulnerability VCID-nerp-rft5-e7hu
20
vulnerability VCID-nrku-7gg1-x7dc
21
vulnerability VCID-p8s7-qwsb-sucm
22
vulnerability VCID-rkke-dz1k-qke7
23
vulnerability VCID-s72e-wwmn-5udy
24
vulnerability VCID-sbzn-52hj-2fem
25
vulnerability VCID-sddd-pv7u-pkeh
26
vulnerability VCID-ttgj-91qs-1kb1
27
vulnerability VCID-vbq8-3npj-fudc
28
vulnerability VCID-veg8-behu-43g4
29
vulnerability VCID-vsm8-3aay-zugs
30
vulnerability VCID-w3sd-njh7-dka9
31
vulnerability VCID-w9n1-5spr-3yd5
32
vulnerability VCID-yjg1-e2zq-qbh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.21
1
url pkg:composer/nilsteampassnet/teampass@2.1.26
purl pkg:composer/nilsteampassnet/teampass@2.1.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dkf-xbbk-d7ej
1
vulnerability VCID-3ep8-e51b-wygf
2
vulnerability VCID-7uys-bmga-vyf6
3
vulnerability VCID-8ccd-ebn8-w7ca
4
vulnerability VCID-9b52-k67m-7fb9
5
vulnerability VCID-a7h6-fstf-kqee
6
vulnerability VCID-apxy-13pc-33e1
7
vulnerability VCID-atka-cwfk-1qft
8
vulnerability VCID-f256-8ace-tkfz
9
vulnerability VCID-f4pc-cnmz-xuds
10
vulnerability VCID-fq8k-9rzx-d3h9
11
vulnerability VCID-gapw-p82p-5ffg
12
vulnerability VCID-gccz-1apc-nbc7
13
vulnerability VCID-ge6p-wb66-23h1
14
vulnerability VCID-h7b6-7zyw-2ubd
15
vulnerability VCID-hsc2-ujdn-akd9
16
vulnerability VCID-hytp-ymst-wydu
17
vulnerability VCID-j45n-ee9b-jkfu
18
vulnerability VCID-jfjy-mp8x-7bay
19
vulnerability VCID-kasr-phan-wfe1
20
vulnerability VCID-nerp-rft5-e7hu
21
vulnerability VCID-p8s7-qwsb-sucm
22
vulnerability VCID-rkke-dz1k-qke7
23
vulnerability VCID-s72e-wwmn-5udy
24
vulnerability VCID-sbzn-52hj-2fem
25
vulnerability VCID-sddd-pv7u-pkeh
26
vulnerability VCID-ttgj-91qs-1kb1
27
vulnerability VCID-vbq8-3npj-fudc
28
vulnerability VCID-veg8-behu-43g4
29
vulnerability VCID-vsm8-3aay-zugs
30
vulnerability VCID-w3sd-njh7-dka9
31
vulnerability VCID-yjg1-e2zq-qbh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.26
2
url pkg:composer/nilsteampassnet/teampass@2.1.27
purl pkg:composer/nilsteampassnet/teampass@2.1.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dkf-xbbk-d7ej
1
vulnerability VCID-3ep8-e51b-wygf
2
vulnerability VCID-7uys-bmga-vyf6
3
vulnerability VCID-8ccd-ebn8-w7ca
4
vulnerability VCID-9b52-k67m-7fb9
5
vulnerability VCID-a7h6-fstf-kqee
6
vulnerability VCID-atka-cwfk-1qft
7
vulnerability VCID-f256-8ace-tkfz
8
vulnerability VCID-f4pc-cnmz-xuds
9
vulnerability VCID-fq8k-9rzx-d3h9
10
vulnerability VCID-gapw-p82p-5ffg
11
vulnerability VCID-gccz-1apc-nbc7
12
vulnerability VCID-ge6p-wb66-23h1
13
vulnerability VCID-h7b6-7zyw-2ubd
14
vulnerability VCID-hsc2-ujdn-akd9
15
vulnerability VCID-hytp-ymst-wydu
16
vulnerability VCID-j45n-ee9b-jkfu
17
vulnerability VCID-jfjy-mp8x-7bay
18
vulnerability VCID-kasr-phan-wfe1
19
vulnerability VCID-nerp-rft5-e7hu
20
vulnerability VCID-p8s7-qwsb-sucm
21
vulnerability VCID-rkke-dz1k-qke7
22
vulnerability VCID-s72e-wwmn-5udy
23
vulnerability VCID-sbzn-52hj-2fem
24
vulnerability VCID-sddd-pv7u-pkeh
25
vulnerability VCID-ttgj-91qs-1kb1
26
vulnerability VCID-vbq8-3npj-fudc
27
vulnerability VCID-veg8-behu-43g4
28
vulnerability VCID-vsm8-3aay-zugs
29
vulnerability VCID-w3sd-njh7-dka9
30
vulnerability VCID-yjg1-e2zq-qbh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.27
3
url pkg:composer/nilsteampassnet/teampass@2.1.27%2B36
purl pkg:composer/nilsteampassnet/teampass@2.1.27%2B36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xmc-fau3-7qf1
1
vulnerability VCID-4aga-e81s-bkhm
2
vulnerability VCID-6ua5-hzh9-mqfc
3
vulnerability VCID-ezyx-712w-x7hc
4
vulnerability VCID-hytp-ymst-wydu
5
vulnerability VCID-jud6-pyfp-n7gz
6
vulnerability VCID-s7mv-kdkf-vuay
7
vulnerability VCID-x6yt-ngt4-13e8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.27%252B36
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11671
reference_id
reference_type
scores
0
value 0.003
scoring_system epss
scoring_elements 0.53778
published_at 2026-06-11T12:55:00Z
1
value 0.003
scoring_system epss
scoring_elements 0.53903
published_at 2026-06-12T12:55:00Z
2
value 0.003
scoring_system epss
scoring_elements 0.5392
published_at 2026-06-13T12:55:00Z
3
value 0.003
scoring_system epss
scoring_elements 0.53906
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11671
1
reference_url https://github.com/nilsteampassnet/TeamPass/issues/2765
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nilsteampassnet/TeamPass/issues/2765
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11671
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11671
3
reference_url https://github.com/advisories/GHSA-gmr7-m73x-6c9q
reference_id GHSA-gmr7-m73x-6c9q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gmr7-m73x-6c9q
Weaknesses
0
cwe_id 862
name Missing Authorization
description The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 269
name Improper Privilege Management
description The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
3
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-hytp-ymst-wydu