Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-36ve-7wxt-z7fz
Summary
Magento affected by remote code execution vulnerability in the CMS page scheduled update feature
Magento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper input validation vulnerability within the CMS page scheduled update feature. An authenticated attacker with administrative privilege could leverage this vulnerability to achieve remote code execution on the system.
Aliases
0
alias CVE-2021-36021
1
alias GHSA-4g27-q2w9-m8m8
Fixed_packages
0
url pkg:composer/magento/community-edition@2.3.7-p1
purl pkg:composer/magento/community-edition@2.3.7-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-y93w-2qcc-wqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1
1
url pkg:composer/magento/community-edition@2.4.2-p2
purl pkg:composer/magento/community-edition@2.4.2-p2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2
Affected_packages
0
url pkg:composer/magento/community-edition@2.3.7
purl pkg:composer/magento/community-edition@2.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-36ve-7wxt-z7fz
1
vulnerability VCID-b5hn-f1qk-z7cu
2
vulnerability VCID-nn21-hf8r-ykfd
3
vulnerability VCID-y93w-2qcc-wqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7
1
url pkg:composer/magento/community-edition@2.4.2-p1
purl pkg:composer/magento/community-edition@2.4.2-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-36ve-7wxt-z7fz
1
vulnerability VCID-b5hn-f1qk-z7cu
2
vulnerability VCID-nn21-hf8r-ykfd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1
2
url pkg:composer/magento/community-edition@2.4.2
purl pkg:composer/magento/community-edition@2.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1k4q-2ttb-13hd
1
vulnerability VCID-36ve-7wxt-z7fz
2
vulnerability VCID-b5hn-f1qk-z7cu
3
vulnerability VCID-nn21-hf8r-ykfd
4
vulnerability VCID-yvcy-4e8m-p3b8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2
3
url pkg:composer/magento/project-community-edition@2.0.2
purl pkg:composer/magento/project-community-edition@2.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jsp-392b-2fgb
1
vulnerability VCID-2h52-3pt6-dfcw
2
vulnerability VCID-2vsw-t8k2-4bfm
3
vulnerability VCID-2z3f-wtw6-yydf
4
vulnerability VCID-36ve-7wxt-z7fz
5
vulnerability VCID-3et4-3zad-1qfn
6
vulnerability VCID-3zcy-b3th-ukhd
7
vulnerability VCID-4dae-vty8-b7hk
8
vulnerability VCID-525q-afzj-tkcp
9
vulnerability VCID-5gxr-xksz-5ydb
10
vulnerability VCID-6p6q-ctya-q3bv
11
vulnerability VCID-6t9w-cnkz-s3c3
12
vulnerability VCID-6tx4-wexr-fkbb
13
vulnerability VCID-7hrm-jtbx-sqgm
14
vulnerability VCID-7s74-rdkp-vyaf
15
vulnerability VCID-7s7e-adr6-h3dc
16
vulnerability VCID-8hx4-r8bb-n7ge
17
vulnerability VCID-8ky6-w2nk-9bds
18
vulnerability VCID-8msu-s38a-p7e3
19
vulnerability VCID-8shb-t5zp-rqbu
20
vulnerability VCID-9cc9-npdc-8bac
21
vulnerability VCID-9vrt-uccb-myev
22
vulnerability VCID-a8gs-ervm-e3hm
23
vulnerability VCID-a9b6-tenb-afdw
24
vulnerability VCID-agtm-nkhp-dkdn
25
vulnerability VCID-az2w-5xhy-5fe4
26
vulnerability VCID-b3cn-pjp3-4yhm
27
vulnerability VCID-b4jg-dj1a-9qd5
28
vulnerability VCID-b5hn-f1qk-z7cu
29
vulnerability VCID-b9ry-u6qy-j7cc
30
vulnerability VCID-cafy-5dd8-rudj
31
vulnerability VCID-cc8x-6es1-8kc5
32
vulnerability VCID-ccx1-qacj-2qev
33
vulnerability VCID-cgwk-hn4t-n7c1
34
vulnerability VCID-cm2a-1yc5-v3cy
35
vulnerability VCID-cqjn-3z6n-sff1
36
vulnerability VCID-d2ab-j8bf-e7dx
37
vulnerability VCID-d6mk-hg8h-7qbc
38
vulnerability VCID-dj5a-35gt-u7dn
39
vulnerability VCID-dpgz-dacm-sqg6
40
vulnerability VCID-dx43-89w9-a7dg
41
vulnerability VCID-e9zx-zy9y-2fcp
42
vulnerability VCID-egy6-nku7-zyap
43
vulnerability VCID-eygc-ra9u-gyej
44
vulnerability VCID-fz5y-um7w-63f4
45
vulnerability VCID-fzam-yuyg-qyd5
46
vulnerability VCID-fzm9-e6bg-r7aw
47
vulnerability VCID-gedj-39p5-ubd6
48
vulnerability VCID-hbau-7tvg-cygz
49
vulnerability VCID-hh8a-mgkk-3yb5
50
vulnerability VCID-j124-q39m-mkby
51
vulnerability VCID-j5vp-2jrx-ukf4
52
vulnerability VCID-j6ss-8f4e-e7g2
53
vulnerability VCID-jhd5-tqph-3ufu
54
vulnerability VCID-jr49-4fs3-8qcp
55
vulnerability VCID-kezx-5nw5-hfen
56
vulnerability VCID-kxnm-y19k-mqg2
57
vulnerability VCID-m5z8-hz81-j7b7
58
vulnerability VCID-m83v-51cy-uqar
59
vulnerability VCID-md7v-w5aq-t7h1
60
vulnerability VCID-mhvf-2keh-2qar
61
vulnerability VCID-mjb6-7au8-5fdx
62
vulnerability VCID-msac-ptqf-pyg1
63
vulnerability VCID-mtr5-suag-2bdj
64
vulnerability VCID-nn21-hf8r-ykfd
65
vulnerability VCID-p222-28c1-vfhy
66
vulnerability VCID-qfw5-3tdu-x7g4
67
vulnerability VCID-qj4x-u7gx-9uf1
68
vulnerability VCID-qp7s-amch-v3cd
69
vulnerability VCID-qrwc-3gsb-zkfy
70
vulnerability VCID-qzqd-271b-ybfj
71
vulnerability VCID-r4bw-w4t9-23ek
72
vulnerability VCID-r7nh-arcj-8fb3
73
vulnerability VCID-rbjk-3gcs-2qb5
74
vulnerability VCID-re84-qg3k-3ub3
75
vulnerability VCID-rf6p-ct86-5bgz
76
vulnerability VCID-ruru-fwmn-5kes
77
vulnerability VCID-s4bp-kzfu-8qfy
78
vulnerability VCID-s5e2-d6n8-kkbr
79
vulnerability VCID-scg7-ugdn-53b9
80
vulnerability VCID-tc3m-4bkg-qkcf
81
vulnerability VCID-te3b-exz5-zke1
82
vulnerability VCID-th7y-aj51-mbaj
83
vulnerability VCID-tvz9-8s4d-gbg6
84
vulnerability VCID-tzug-ckkn-dyft
85
vulnerability VCID-upcj-z3c1-ubcf
86
vulnerability VCID-w3zd-fezc-nuhd
87
vulnerability VCID-wjfe-wh5k-1qft
88
vulnerability VCID-ws6y-k3tx-r3gb
89
vulnerability VCID-wzu6-rbsv-mkde
90
vulnerability VCID-x46d-a16g-nkg9
91
vulnerability VCID-xsq8-ztqh-ubb8
92
vulnerability VCID-y4r1-yr69-uuf6
93
vulnerability VCID-y7x4-664r-3fbk
94
vulnerability VCID-y93w-2qcc-wqg8
95
vulnerability VCID-yuvf-e7hk-kqf9
96
vulnerability VCID-yyq6-dvyx-3bb9
97
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/project-community-edition@2.0.2
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-36021
reference_id
reference_type
scores
0
value 0.01308
scoring_system epss
scoring_elements 0.80129
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-36021
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb21-64.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://helpx.adobe.com/security/products/magento/apsb21-64.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-36021
reference_id CVE-2021-36021
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-36021
4
reference_url https://github.com/advisories/GHSA-4g27-q2w9-m8m8
reference_id GHSA-4g27-q2w9-m8m8
reference_type
scores
url https://github.com/advisories/GHSA-4g27-q2w9-m8m8
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score9.0 - 10.0
Exploitability0.5
Weighted_severity9.0
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-36ve-7wxt-z7fz