Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-2g67-a42m-qfbh
Summary
Improper Input Validation
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.
Aliases
0
alias CVE-2022-25271
Fixed_packages
0
url pkg:composer/drupal/core@8.0.0
purl pkg:composer/drupal/core@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2989-fmjz-nkby
1
vulnerability VCID-2fas-m6vh-myhc
2
vulnerability VCID-2t34-82p3-73c3
3
vulnerability VCID-31qy-vagp-83b6
4
vulnerability VCID-3xk4-qwaq-5yaj
5
vulnerability VCID-4dpp-gg2v-q3et
6
vulnerability VCID-56ze-2yw2-bfh8
7
vulnerability VCID-5c5c-m7ba-kqct
8
vulnerability VCID-7v89-2sss-hfaz
9
vulnerability VCID-9nk8-dban-g7h9
10
vulnerability VCID-a3s2-c4k2-4ufn
11
vulnerability VCID-a4u4-ga84-wyf9
12
vulnerability VCID-a7ss-tkb6-gkge
13
vulnerability VCID-ah3h-t9qa-gudr
14
vulnerability VCID-ard5-3cjv-1beu
15
vulnerability VCID-asm8-guag-b3ep
16
vulnerability VCID-avmn-kqky-83dd
17
vulnerability VCID-ay6b-1a7z-qkas
18
vulnerability VCID-bq2j-t19h-zyad
19
vulnerability VCID-dav9-pgdh-8yey
20
vulnerability VCID-dyhz-g3nv-yuc3
21
vulnerability VCID-e12q-qavs-qybu
22
vulnerability VCID-e8un-nbkk-cbf9
23
vulnerability VCID-egtv-y9w1-skgr
24
vulnerability VCID-jrhg-3271-tqdy
25
vulnerability VCID-kzrs-mrga-nyej
26
vulnerability VCID-mm13-6dhq-nqfb
27
vulnerability VCID-myja-t33q-q3cv
28
vulnerability VCID-nacy-y1qt-5yhb
29
vulnerability VCID-ng6g-hvc2-bkg4
30
vulnerability VCID-p54u-b18k-jyft
31
vulnerability VCID-pgnc-fq4m-3kaz
32
vulnerability VCID-pmmq-8s2m-h7dp
33
vulnerability VCID-pnme-dc73-efcb
34
vulnerability VCID-qsuc-53pg-zkda
35
vulnerability VCID-rd4g-h1j9-23cb
36
vulnerability VCID-rsc6-y1uv-6bfq
37
vulnerability VCID-t89y-c9hq-9bhk
38
vulnerability VCID-ta99-gcmk-2qc8
39
vulnerability VCID-tpzm-u3qp-akc8
40
vulnerability VCID-w4ks-ufnz-vfav
41
vulnerability VCID-wapd-e3mu-sffn
42
vulnerability VCID-wsv7-je8g-sqet
43
vulnerability VCID-wszp-2es5-z7fy
44
vulnerability VCID-x34m-u169-1bce
45
vulnerability VCID-y1nb-prqc-suaj
46
vulnerability VCID-yq4q-hydz-vuga
47
vulnerability VCID-yygb-pp11-5udj
48
vulnerability VCID-zqer-y4s4-hqhy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.0.0
1
url pkg:composer/drupal/core@9.2.13
purl pkg:composer/drupal/core@9.2.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.13
2
url pkg:composer/drupal/core@9.3.6
purl pkg:composer/drupal/core@9.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r1hd-d39y-syhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.6
3
url pkg:composer/drupal/core-recommended@8.0.0
purl pkg:composer/drupal/core-recommended@8.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@8.0.0
4
url pkg:composer/drupal/core-recommended@9.2.13
purl pkg:composer/drupal/core-recommended@9.2.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@9.2.13
5
url pkg:composer/drupal/core-recommended@9.3.6
purl pkg:composer/drupal/core-recommended@9.3.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@9.3.6
6
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2989-fmjz-nkby
1
vulnerability VCID-31qy-vagp-83b6
2
vulnerability VCID-3xk4-qwaq-5yaj
3
vulnerability VCID-56ze-2yw2-bfh8
4
vulnerability VCID-5c5c-m7ba-kqct
5
vulnerability VCID-6rtn-zphz-sydn
6
vulnerability VCID-9nk8-dban-g7h9
7
vulnerability VCID-a4u4-ga84-wyf9
8
vulnerability VCID-a7ss-tkb6-gkge
9
vulnerability VCID-ah3h-t9qa-gudr
10
vulnerability VCID-ard5-3cjv-1beu
11
vulnerability VCID-asm8-guag-b3ep
12
vulnerability VCID-avmn-kqky-83dd
13
vulnerability VCID-ay6b-1a7z-qkas
14
vulnerability VCID-bndv-n7w9-43b4
15
vulnerability VCID-bq2j-t19h-zyad
16
vulnerability VCID-dnc7-jg8m-8fh3
17
vulnerability VCID-dyhz-g3nv-yuc3
18
vulnerability VCID-e8un-nbkk-cbf9
19
vulnerability VCID-egtv-y9w1-skgr
20
vulnerability VCID-eyew-pw17-ryfj
21
vulnerability VCID-ks17-b29e-73au
22
vulnerability VCID-mm13-6dhq-nqfb
23
vulnerability VCID-mscp-wvvx-zfh3
24
vulnerability VCID-n5n3-p5yy-13d9
25
vulnerability VCID-nacy-y1qt-5yhb
26
vulnerability VCID-ng6g-hvc2-bkg4
27
vulnerability VCID-nn8g-m52e-5kfe
28
vulnerability VCID-pmmq-8s2m-h7dp
29
vulnerability VCID-pnme-dc73-efcb
30
vulnerability VCID-r4ja-mndm-uyge
31
vulnerability VCID-rd4g-h1j9-23cb
32
vulnerability VCID-rsc6-y1uv-6bfq
33
vulnerability VCID-s5qd-cpvc-c3cd
34
vulnerability VCID-ta99-gcmk-2qc8
35
vulnerability VCID-tbah-jrah-a3fg
36
vulnerability VCID-tbk2-zprq-27c8
37
vulnerability VCID-tpzm-u3qp-akc8
38
vulnerability VCID-w3x8-db6e-kued
39
vulnerability VCID-w4ks-ufnz-vfav
40
vulnerability VCID-wapd-e3mu-sffn
41
vulnerability VCID-wsv7-je8g-sqet
42
vulnerability VCID-wszp-2es5-z7fy
43
vulnerability VCID-x34m-u169-1bce
44
vulnerability VCID-y1nb-prqc-suaj
45
vulnerability VCID-zqer-y4s4-hqhy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
Affected_packages
0
url pkg:composer/drupal/core@7.0.0
purl pkg:composer/drupal/core@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2g67-a42m-qfbh
1
vulnerability VCID-6rtn-zphz-sydn
2
vulnerability VCID-84eq-cq89-9qhm
3
vulnerability VCID-9nk8-dban-g7h9
4
vulnerability VCID-a3s2-c4k2-4ufn
5
vulnerability VCID-a4u4-ga84-wyf9
6
vulnerability VCID-a7ss-tkb6-gkge
7
vulnerability VCID-bge7-rqsx-gfee
8
vulnerability VCID-e12q-qavs-qybu
9
vulnerability VCID-e69p-v2ws-vufj
10
vulnerability VCID-e8un-nbkk-cbf9
11
vulnerability VCID-ey9c-4yhy-3qa5
12
vulnerability VCID-mscp-wvvx-zfh3
13
vulnerability VCID-n5n3-p5yy-13d9
14
vulnerability VCID-pmmq-8s2m-h7dp
15
vulnerability VCID-qsuc-53pg-zkda
16
vulnerability VCID-tpzm-u3qp-akc8
17
vulnerability VCID-wsv7-je8g-sqet
18
vulnerability VCID-wszp-2es5-z7fy
19
vulnerability VCID-x34m-u169-1bce
20
vulnerability VCID-yygb-pp11-5udj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@7.0.0
1
url pkg:composer/drupal/core@9.2.0
purl pkg:composer/drupal/core@9.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fas-m6vh-myhc
1
vulnerability VCID-2g67-a42m-qfbh
2
vulnerability VCID-2t34-82p3-73c3
3
vulnerability VCID-7v89-2sss-hfaz
4
vulnerability VCID-dav9-pgdh-8yey
5
vulnerability VCID-ydy1-x277-1fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.0
2
url pkg:composer/drupal/core@9.3.0
purl pkg:composer/drupal/core@9.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2g67-a42m-qfbh
1
vulnerability VCID-ard5-3cjv-1beu
2
vulnerability VCID-egtv-y9w1-skgr
3
vulnerability VCID-g1ew-tnk9-cuh7
4
vulnerability VCID-ydy1-x277-1fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.0
3
url pkg:composer/drupal/core-recommended@7.0.0
purl pkg:composer/drupal/core-recommended@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2g67-a42m-qfbh
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@7.0.0
4
url pkg:composer/drupal/core-recommended@9.2.0
purl pkg:composer/drupal/core-recommended@9.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2g67-a42m-qfbh
1
vulnerability VCID-ydy1-x277-1fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@9.2.0
5
url pkg:composer/drupal/core-recommended@9.3.0
purl pkg:composer/drupal/core-recommended@9.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2g67-a42m-qfbh
1
vulnerability VCID-ydy1-x277-1fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core-recommended@9.3.0
6
url pkg:composer/drupal/drupal@7.0.0
purl pkg:composer/drupal/drupal@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2g67-a42m-qfbh
1
vulnerability VCID-9cr8-u5tp-yuc9
2
vulnerability VCID-9nk8-dban-g7h9
3
vulnerability VCID-a4u4-ga84-wyf9
4
vulnerability VCID-a7ss-tkb6-gkge
5
vulnerability VCID-bge7-rqsx-gfee
6
vulnerability VCID-dnc7-jg8m-8fh3
7
vulnerability VCID-e69p-v2ws-vufj
8
vulnerability VCID-e8un-nbkk-cbf9
9
vulnerability VCID-nn8g-m52e-5kfe
10
vulnerability VCID-nwza-zzn3-u3eb
11
vulnerability VCID-pmmq-8s2m-h7dp
12
vulnerability VCID-s144-c7ps-aqbj
13
vulnerability VCID-tbah-jrah-a3fg
14
vulnerability VCID-tpzm-u3qp-akc8
15
vulnerability VCID-upk3-jyze-e3gx
16
vulnerability VCID-wsv7-je8g-sqet
17
vulnerability VCID-wszp-2es5-z7fy
18
vulnerability VCID-x34m-u169-1bce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@7.0.0
7
url pkg:composer/drupal/drupal@9.2.0
purl pkg:composer/drupal/drupal@9.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2g67-a42m-qfbh
1
vulnerability VCID-9cr8-u5tp-yuc9
2
vulnerability VCID-upk3-jyze-e3gx
3
vulnerability VCID-ydy1-x277-1fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.2.0
8
url pkg:composer/drupal/drupal@9.3.0
purl pkg:composer/drupal/drupal@9.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2g67-a42m-qfbh
1
vulnerability VCID-9cr8-u5tp-yuc9
2
vulnerability VCID-ard5-3cjv-1beu
3
vulnerability VCID-egtv-y9w1-skgr
4
vulnerability VCID-g1ew-tnk9-cuh7
5
vulnerability VCID-upk3-jyze-e3gx
6
vulnerability VCID-ydy1-x277-1fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.3.0
References
0
reference_url https://www.drupal.org/sa-core-2022-003
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2022-003
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25271
reference_id CVE-2022-25271
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-25271
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-2g67-a42m-qfbh