Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-dav9-pgdh-8yey
Summarymultiple issues
Aliases
0
alias CVE-2020-13675
1
alias GHSA-v8wr-r69p-mmwx
Fixed_packages
0
url pkg:alpm/archlinux/drupal@9.2.6-1
purl pkg:alpm/archlinux/drupal@9.2.6-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6xfu-dm97-nkg4
1
vulnerability VCID-cbgv-19kg-z7a9
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/drupal@9.2.6-1
1
url pkg:composer/drupal/core@8.9.19
purl pkg:composer/drupal/core@8.9.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.19
2
url pkg:composer/drupal/core@9.1.13
purl pkg:composer/drupal/core@9.1.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.13
3
url pkg:composer/drupal/core@9.2.6
purl pkg:composer/drupal/core@9.2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.6
Affected_packages
0
url pkg:alpm/archlinux/drupal@9.2.0-1
purl pkg:alpm/archlinux/drupal@9.2.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fas-m6vh-myhc
1
vulnerability VCID-2t34-82p3-73c3
2
vulnerability VCID-7v89-2sss-hfaz
3
vulnerability VCID-dav9-pgdh-8yey
4
vulnerability VCID-dxtv-3ta3-n7fy
5
vulnerability VCID-gr4h-rkhw-wbac
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/drupal@9.2.0-1
1
url pkg:composer/drupal/core@8.0.0
purl pkg:composer/drupal/core@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2989-fmjz-nkby
1
vulnerability VCID-2c5f-q858-huaw
2
vulnerability VCID-2fas-m6vh-myhc
3
vulnerability VCID-2t34-82p3-73c3
4
vulnerability VCID-31qy-vagp-83b6
5
vulnerability VCID-3pj1-y73r-vyhh
6
vulnerability VCID-3xk4-qwaq-5yaj
7
vulnerability VCID-4dpp-gg2v-q3et
8
vulnerability VCID-4p4c-7rdc-37fa
9
vulnerability VCID-4pg6-hqge-wkcb
10
vulnerability VCID-4q59-j6u4-qfhk
11
vulnerability VCID-56ze-2yw2-bfh8
12
vulnerability VCID-5c5c-m7ba-kqct
13
vulnerability VCID-5jy9-mhbb-nuh7
14
vulnerability VCID-67w7-gq9f-ukf1
15
vulnerability VCID-6c6t-kmb3-2qcm
16
vulnerability VCID-6s93-1cpz-yyg8
17
vulnerability VCID-7bq1-m8df-k3ba
18
vulnerability VCID-7ear-x9pf-yubc
19
vulnerability VCID-7n7v-41m4-97gk
20
vulnerability VCID-7v89-2sss-hfaz
21
vulnerability VCID-8qd6-8ckc-h3g5
22
vulnerability VCID-9nk8-dban-g7h9
23
vulnerability VCID-a3s2-c4k2-4ufn
24
vulnerability VCID-a4u4-ga84-wyf9
25
vulnerability VCID-a7ss-tkb6-gkge
26
vulnerability VCID-ah3h-t9qa-gudr
27
vulnerability VCID-ard5-3cjv-1beu
28
vulnerability VCID-asm8-guag-b3ep
29
vulnerability VCID-avmn-kqky-83dd
30
vulnerability VCID-ay6b-1a7z-qkas
31
vulnerability VCID-b8fw-ya7y-h7d8
32
vulnerability VCID-bq2j-t19h-zyad
33
vulnerability VCID-ckvk-xm4a-2qey
34
vulnerability VCID-dav9-pgdh-8yey
35
vulnerability VCID-deks-ns51-nbdg
36
vulnerability VCID-dhwb-tvs2-vkht
37
vulnerability VCID-dyhz-g3nv-yuc3
38
vulnerability VCID-e12q-qavs-qybu
39
vulnerability VCID-e8un-nbkk-cbf9
40
vulnerability VCID-edfu-7ege-hkf5
41
vulnerability VCID-egtv-y9w1-skgr
42
vulnerability VCID-es39-uyu2-myap
43
vulnerability VCID-hay8-hvsq-33bm
44
vulnerability VCID-j7bj-atys-qfg3
45
vulnerability VCID-jb63-xjup-1khv
46
vulnerability VCID-jrhg-3271-tqdy
47
vulnerability VCID-ks17-b29e-73au
48
vulnerability VCID-kzrs-mrga-nyej
49
vulnerability VCID-mm13-6dhq-nqfb
50
vulnerability VCID-myja-t33q-q3cv
51
vulnerability VCID-n5n3-p5yy-13d9
52
vulnerability VCID-nacy-y1qt-5yhb
53
vulnerability VCID-ng6g-hvc2-bkg4
54
vulnerability VCID-nwdx-mgsc-s3f3
55
vulnerability VCID-p54u-b18k-jyft
56
vulnerability VCID-pgnc-fq4m-3kaz
57
vulnerability VCID-pmmq-8s2m-h7dp
58
vulnerability VCID-pnme-dc73-efcb
59
vulnerability VCID-pzp5-2bpz-jfe2
60
vulnerability VCID-q6zh-decq-bkau
61
vulnerability VCID-qj1a-e46b-b7fs
62
vulnerability VCID-qsuc-53pg-zkda
63
vulnerability VCID-rd4g-h1j9-23cb
64
vulnerability VCID-rsc6-y1uv-6bfq
65
vulnerability VCID-t5ya-jzjf-ckh6
66
vulnerability VCID-t89y-c9hq-9bhk
67
vulnerability VCID-ta99-gcmk-2qc8
68
vulnerability VCID-tbhc-6qre-7kc5
69
vulnerability VCID-tbk2-zprq-27c8
70
vulnerability VCID-tpzm-u3qp-akc8
71
vulnerability VCID-ughj-q27r-yfe2
72
vulnerability VCID-uq9s-79g7-rqh6
73
vulnerability VCID-uvmv-j9kx-jfeq
74
vulnerability VCID-w4ks-ufnz-vfav
75
vulnerability VCID-wapd-e3mu-sffn
76
vulnerability VCID-wgac-uvfw-8ufm
77
vulnerability VCID-wsv7-je8g-sqet
78
vulnerability VCID-wszp-2es5-z7fy
79
vulnerability VCID-x34m-u169-1bce
80
vulnerability VCID-y1nb-prqc-suaj
81
vulnerability VCID-y5mz-1wsc-w3g7
82
vulnerability VCID-yq4q-hydz-vuga
83
vulnerability VCID-yygb-pp11-5udj
84
vulnerability VCID-z2xs-z24v-c3e5
85
vulnerability VCID-zpeb-7dhc-9kcx
86
vulnerability VCID-zqer-y4s4-hqhy
87
vulnerability VCID-zvtm-9bd5-ufgy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.0.0
2
url pkg:composer/drupal/core@9.1.0
purl pkg:composer/drupal/core@9.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fas-m6vh-myhc
1
vulnerability VCID-2t34-82p3-73c3
2
vulnerability VCID-67da-qxh5-aydx
3
vulnerability VCID-7v89-2sss-hfaz
4
vulnerability VCID-dav9-pgdh-8yey
5
vulnerability VCID-pzp5-2bpz-jfe2
6
vulnerability VCID-tpzm-u3qp-akc8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.0
3
url pkg:composer/drupal/core@9.2.0
purl pkg:composer/drupal/core@9.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fas-m6vh-myhc
1
vulnerability VCID-2g67-a42m-qfbh
2
vulnerability VCID-2t34-82p3-73c3
3
vulnerability VCID-7v89-2sss-hfaz
4
vulnerability VCID-dav9-pgdh-8yey
5
vulnerability VCID-pzp5-2bpz-jfe2
6
vulnerability VCID-ydy1-x277-1fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.0
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13675
reference_id
reference_type
scores
0
value 0.00797
scoring_system epss
scoring_elements 0.7435
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13675
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://www.drupal.org/sa-core-2021-008
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2021-008
3
reference_url https://security.archlinux.org/AVG-2407
reference_id AVG-2407
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2407
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13675
reference_id CVE-2020-13675
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13675
5
reference_url https://github.com/advisories/GHSA-v8wr-r69p-mmwx
reference_id GHSA-v8wr-r69p-mmwx
reference_type
scores
url https://github.com/advisories/GHSA-v8wr-r69p-mmwx
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 434
name Unrestricted Upload of File with Dangerous Type
description The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 284
name Improper Access Control
description The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Exploits
Severity_range_score7.0 - 10.0
Exploitability0.5
Weighted_severity9.0
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-dav9-pgdh-8yey