Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-7v89-2sss-hfaz
Summarymultiple issues
Aliases
0
alias CVE-2020-13674
1
alias GHSA-j586-cj67-vg4p
Fixed_packages
0
url pkg:alpm/archlinux/drupal@9.2.6-1
purl pkg:alpm/archlinux/drupal@9.2.6-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6xfu-dm97-nkg4
1
vulnerability VCID-cbgv-19kg-z7a9
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/drupal@9.2.6-1
1
url pkg:composer/drupal/core@8.9.19
purl pkg:composer/drupal/core@8.9.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.19
2
url pkg:composer/drupal/core@9.1.13
purl pkg:composer/drupal/core@9.1.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.13
3
url pkg:composer/drupal/core@9.2.6
purl pkg:composer/drupal/core@9.2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.6
Affected_packages
0
url pkg:alpm/archlinux/drupal@9.2.0-1
purl pkg:alpm/archlinux/drupal@9.2.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fas-m6vh-myhc
1
vulnerability VCID-2t34-82p3-73c3
2
vulnerability VCID-7v89-2sss-hfaz
3
vulnerability VCID-dav9-pgdh-8yey
4
vulnerability VCID-dxtv-3ta3-n7fy
5
vulnerability VCID-gr4h-rkhw-wbac
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/drupal@9.2.0-1
1
url pkg:composer/drupal/core@8.0.0
purl pkg:composer/drupal/core@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2989-fmjz-nkby
1
vulnerability VCID-2c5f-q858-huaw
2
vulnerability VCID-2fas-m6vh-myhc
3
vulnerability VCID-2t34-82p3-73c3
4
vulnerability VCID-31qy-vagp-83b6
5
vulnerability VCID-3pj1-y73r-vyhh
6
vulnerability VCID-3xk4-qwaq-5yaj
7
vulnerability VCID-4dpp-gg2v-q3et
8
vulnerability VCID-4p4c-7rdc-37fa
9
vulnerability VCID-4pg6-hqge-wkcb
10
vulnerability VCID-4q59-j6u4-qfhk
11
vulnerability VCID-56ze-2yw2-bfh8
12
vulnerability VCID-5c5c-m7ba-kqct
13
vulnerability VCID-5jy9-mhbb-nuh7
14
vulnerability VCID-67w7-gq9f-ukf1
15
vulnerability VCID-6c6t-kmb3-2qcm
16
vulnerability VCID-6s93-1cpz-yyg8
17
vulnerability VCID-7bq1-m8df-k3ba
18
vulnerability VCID-7ear-x9pf-yubc
19
vulnerability VCID-7n7v-41m4-97gk
20
vulnerability VCID-7v89-2sss-hfaz
21
vulnerability VCID-8qd6-8ckc-h3g5
22
vulnerability VCID-9nk8-dban-g7h9
23
vulnerability VCID-a3s2-c4k2-4ufn
24
vulnerability VCID-a4u4-ga84-wyf9
25
vulnerability VCID-a7ss-tkb6-gkge
26
vulnerability VCID-ah3h-t9qa-gudr
27
vulnerability VCID-ard5-3cjv-1beu
28
vulnerability VCID-asm8-guag-b3ep
29
vulnerability VCID-avmn-kqky-83dd
30
vulnerability VCID-ay6b-1a7z-qkas
31
vulnerability VCID-b8fw-ya7y-h7d8
32
vulnerability VCID-bq2j-t19h-zyad
33
vulnerability VCID-ckvk-xm4a-2qey
34
vulnerability VCID-dav9-pgdh-8yey
35
vulnerability VCID-deks-ns51-nbdg
36
vulnerability VCID-dhwb-tvs2-vkht
37
vulnerability VCID-dyhz-g3nv-yuc3
38
vulnerability VCID-e12q-qavs-qybu
39
vulnerability VCID-e8un-nbkk-cbf9
40
vulnerability VCID-edfu-7ege-hkf5
41
vulnerability VCID-egtv-y9w1-skgr
42
vulnerability VCID-es39-uyu2-myap
43
vulnerability VCID-hay8-hvsq-33bm
44
vulnerability VCID-j7bj-atys-qfg3
45
vulnerability VCID-jb63-xjup-1khv
46
vulnerability VCID-jrhg-3271-tqdy
47
vulnerability VCID-ks17-b29e-73au
48
vulnerability VCID-kzrs-mrga-nyej
49
vulnerability VCID-mm13-6dhq-nqfb
50
vulnerability VCID-myja-t33q-q3cv
51
vulnerability VCID-n5n3-p5yy-13d9
52
vulnerability VCID-nacy-y1qt-5yhb
53
vulnerability VCID-ng6g-hvc2-bkg4
54
vulnerability VCID-nwdx-mgsc-s3f3
55
vulnerability VCID-p54u-b18k-jyft
56
vulnerability VCID-pgnc-fq4m-3kaz
57
vulnerability VCID-pmmq-8s2m-h7dp
58
vulnerability VCID-pnme-dc73-efcb
59
vulnerability VCID-pzp5-2bpz-jfe2
60
vulnerability VCID-q6zh-decq-bkau
61
vulnerability VCID-qj1a-e46b-b7fs
62
vulnerability VCID-qsuc-53pg-zkda
63
vulnerability VCID-rd4g-h1j9-23cb
64
vulnerability VCID-rsc6-y1uv-6bfq
65
vulnerability VCID-t5ya-jzjf-ckh6
66
vulnerability VCID-t89y-c9hq-9bhk
67
vulnerability VCID-ta99-gcmk-2qc8
68
vulnerability VCID-tbhc-6qre-7kc5
69
vulnerability VCID-tbk2-zprq-27c8
70
vulnerability VCID-tpzm-u3qp-akc8
71
vulnerability VCID-ughj-q27r-yfe2
72
vulnerability VCID-uq9s-79g7-rqh6
73
vulnerability VCID-uvmv-j9kx-jfeq
74
vulnerability VCID-w4ks-ufnz-vfav
75
vulnerability VCID-wapd-e3mu-sffn
76
vulnerability VCID-wgac-uvfw-8ufm
77
vulnerability VCID-wsv7-je8g-sqet
78
vulnerability VCID-wszp-2es5-z7fy
79
vulnerability VCID-x34m-u169-1bce
80
vulnerability VCID-y1nb-prqc-suaj
81
vulnerability VCID-y5mz-1wsc-w3g7
82
vulnerability VCID-yq4q-hydz-vuga
83
vulnerability VCID-yygb-pp11-5udj
84
vulnerability VCID-z2xs-z24v-c3e5
85
vulnerability VCID-zpeb-7dhc-9kcx
86
vulnerability VCID-zqer-y4s4-hqhy
87
vulnerability VCID-zvtm-9bd5-ufgy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.0.0
2
url pkg:composer/drupal/core@9.1.0
purl pkg:composer/drupal/core@9.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fas-m6vh-myhc
1
vulnerability VCID-2t34-82p3-73c3
2
vulnerability VCID-67da-qxh5-aydx
3
vulnerability VCID-7v89-2sss-hfaz
4
vulnerability VCID-dav9-pgdh-8yey
5
vulnerability VCID-pzp5-2bpz-jfe2
6
vulnerability VCID-tpzm-u3qp-akc8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.0
3
url pkg:composer/drupal/core@9.2.0
purl pkg:composer/drupal/core@9.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fas-m6vh-myhc
1
vulnerability VCID-2g67-a42m-qfbh
2
vulnerability VCID-2t34-82p3-73c3
3
vulnerability VCID-7v89-2sss-hfaz
4
vulnerability VCID-dav9-pgdh-8yey
5
vulnerability VCID-pzp5-2bpz-jfe2
6
vulnerability VCID-ydy1-x277-1fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.0
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13674
reference_id
reference_type
scores
0
value 0.0014
scoring_system epss
scoring_elements 0.3383
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13674
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/drupal/core/commit/20cd85db8198c63101bd050ea973b13f2f3edef6
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/20cd85db8198c63101bd050ea973b13f2f3edef6
3
reference_url https://github.com/drupal/core/commit/6359b3ea5aacf85399285c522c6d787a218c897c
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/6359b3ea5aacf85399285c522c6d787a218c897c
4
reference_url https://github.com/drupal/core/commit/801910fcdfc14ee6120051089a2129e455186ad8
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/801910fcdfc14ee6120051089a2129e455186ad8
5
reference_url https://www.drupal.org/sa-core-2021-007
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2021-007
6
reference_url https://security.archlinux.org/AVG-2407
reference_id AVG-2407
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2407
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13674
reference_id CVE-2020-13674
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13674
8
reference_url https://github.com/advisories/GHSA-j586-cj67-vg4p
reference_id GHSA-j586-cj67-vg4p
reference_type
scores
url https://github.com/advisories/GHSA-j586-cj67-vg4p
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 352
name Cross-Site Request Forgery (CSRF)
description The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-7v89-2sss-hfaz