Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-7ned-rdx5-fyc3
Summary
Improper Access Control
An access bypass vulnerability exists when the experimental Workspaces module. This can be mitigated by disabling the Workspaces module.
Aliases
0
alias CVE-2019-6342
1
alias GHSA-xq62-62c9-22mg
Fixed_packages
0
url pkg:composer/drupal/core@8.7.5
purl pkg:composer/drupal/core@8.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c5f-q858-huaw
1
vulnerability VCID-2fas-m6vh-myhc
2
vulnerability VCID-2t34-82p3-73c3
3
vulnerability VCID-31qy-vagp-83b6
4
vulnerability VCID-3pj1-y73r-vyhh
5
vulnerability VCID-3xk4-qwaq-5yaj
6
vulnerability VCID-4p4c-7rdc-37fa
7
vulnerability VCID-4q59-j6u4-qfhk
8
vulnerability VCID-54qh-fz2a-cyh6
9
vulnerability VCID-5jy9-mhbb-nuh7
10
vulnerability VCID-67w7-gq9f-ukf1
11
vulnerability VCID-6s93-1cpz-yyg8
12
vulnerability VCID-7v89-2sss-hfaz
13
vulnerability VCID-a3s2-c4k2-4ufn
14
vulnerability VCID-a7ss-tkb6-gkge
15
vulnerability VCID-ard5-3cjv-1beu
16
vulnerability VCID-avmn-kqky-83dd
17
vulnerability VCID-b8fw-ya7y-h7d8
18
vulnerability VCID-ckvk-xm4a-2qey
19
vulnerability VCID-dav9-pgdh-8yey
20
vulnerability VCID-deks-ns51-nbdg
21
vulnerability VCID-dyhz-g3nv-yuc3
22
vulnerability VCID-egtv-y9w1-skgr
23
vulnerability VCID-hay8-hvsq-33bm
24
vulnerability VCID-hkch-a5yn-jyg1
25
vulnerability VCID-j7bj-atys-qfg3
26
vulnerability VCID-jed8-4cv5-6bcr
27
vulnerability VCID-kzrs-mrga-nyej
28
vulnerability VCID-nacy-y1qt-5yhb
29
vulnerability VCID-p54u-b18k-jyft
30
vulnerability VCID-pzp5-2bpz-jfe2
31
vulnerability VCID-rd4g-h1j9-23cb
32
vulnerability VCID-t89y-c9hq-9bhk
33
vulnerability VCID-tp81-dw6e-9qah
34
vulnerability VCID-tpzm-u3qp-akc8
35
vulnerability VCID-uq9s-79g7-rqh6
36
vulnerability VCID-vjrr-h9sh-3bcu
37
vulnerability VCID-wsv7-je8g-sqet
38
vulnerability VCID-yq4q-hydz-vuga
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.7.5
1
url pkg:composer/drupal/drupal@8.7.5
purl pkg:composer/drupal/drupal@8.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2w1s-g91k-xuhj
1
vulnerability VCID-31qy-vagp-83b6
2
vulnerability VCID-3dgm-qju3-aqh5
3
vulnerability VCID-3xk4-qwaq-5yaj
4
vulnerability VCID-4p4c-7rdc-37fa
5
vulnerability VCID-7n8f-bdkf-sqfu
6
vulnerability VCID-a7ss-tkb6-gkge
7
vulnerability VCID-ard5-3cjv-1beu
8
vulnerability VCID-avmn-kqky-83dd
9
vulnerability VCID-dyhz-g3nv-yuc3
10
vulnerability VCID-egtv-y9w1-skgr
11
vulnerability VCID-j7bj-atys-qfg3
12
vulnerability VCID-jed8-4cv5-6bcr
13
vulnerability VCID-n318-rcfy-uybg
14
vulnerability VCID-nacy-y1qt-5yhb
15
vulnerability VCID-pxwv-fhy9-ckfm
16
vulnerability VCID-rd4g-h1j9-23cb
17
vulnerability VCID-tcan-28ga-j3h1
18
vulnerability VCID-tp81-dw6e-9qah
19
vulnerability VCID-tpzm-u3qp-akc8
20
vulnerability VCID-vjrr-h9sh-3bcu
21
vulnerability VCID-wsv7-je8g-sqet
22
vulnerability VCID-xz7z-trbh-j7dk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.5
Affected_packages
0
url pkg:composer/drupal/core@8.7.4
purl pkg:composer/drupal/core@8.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c5f-q858-huaw
1
vulnerability VCID-2fas-m6vh-myhc
2
vulnerability VCID-2t34-82p3-73c3
3
vulnerability VCID-31qy-vagp-83b6
4
vulnerability VCID-3pj1-y73r-vyhh
5
vulnerability VCID-3xk4-qwaq-5yaj
6
vulnerability VCID-4p4c-7rdc-37fa
7
vulnerability VCID-4q59-j6u4-qfhk
8
vulnerability VCID-54qh-fz2a-cyh6
9
vulnerability VCID-5jy9-mhbb-nuh7
10
vulnerability VCID-67w7-gq9f-ukf1
11
vulnerability VCID-6s93-1cpz-yyg8
12
vulnerability VCID-7ned-rdx5-fyc3
13
vulnerability VCID-7v89-2sss-hfaz
14
vulnerability VCID-a3s2-c4k2-4ufn
15
vulnerability VCID-a7ss-tkb6-gkge
16
vulnerability VCID-ard5-3cjv-1beu
17
vulnerability VCID-avmn-kqky-83dd
18
vulnerability VCID-b8fw-ya7y-h7d8
19
vulnerability VCID-ckvk-xm4a-2qey
20
vulnerability VCID-dav9-pgdh-8yey
21
vulnerability VCID-deks-ns51-nbdg
22
vulnerability VCID-dyhz-g3nv-yuc3
23
vulnerability VCID-egtv-y9w1-skgr
24
vulnerability VCID-hay8-hvsq-33bm
25
vulnerability VCID-hkch-a5yn-jyg1
26
vulnerability VCID-j7bj-atys-qfg3
27
vulnerability VCID-jed8-4cv5-6bcr
28
vulnerability VCID-kzrs-mrga-nyej
29
vulnerability VCID-nacy-y1qt-5yhb
30
vulnerability VCID-p54u-b18k-jyft
31
vulnerability VCID-pzp5-2bpz-jfe2
32
vulnerability VCID-rd4g-h1j9-23cb
33
vulnerability VCID-t89y-c9hq-9bhk
34
vulnerability VCID-tp81-dw6e-9qah
35
vulnerability VCID-tpzm-u3qp-akc8
36
vulnerability VCID-uq9s-79g7-rqh6
37
vulnerability VCID-vjrr-h9sh-3bcu
38
vulnerability VCID-wsv7-je8g-sqet
39
vulnerability VCID-yq4q-hydz-vuga
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.7.4
1
url pkg:composer/drupal/drupal@8.7.4
purl pkg:composer/drupal/drupal@8.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2w1s-g91k-xuhj
1
vulnerability VCID-31qy-vagp-83b6
2
vulnerability VCID-3dgm-qju3-aqh5
3
vulnerability VCID-3xk4-qwaq-5yaj
4
vulnerability VCID-4p4c-7rdc-37fa
5
vulnerability VCID-7n8f-bdkf-sqfu
6
vulnerability VCID-7ned-rdx5-fyc3
7
vulnerability VCID-a7ss-tkb6-gkge
8
vulnerability VCID-ard5-3cjv-1beu
9
vulnerability VCID-avmn-kqky-83dd
10
vulnerability VCID-dyhz-g3nv-yuc3
11
vulnerability VCID-egtv-y9w1-skgr
12
vulnerability VCID-j7bj-atys-qfg3
13
vulnerability VCID-jed8-4cv5-6bcr
14
vulnerability VCID-n318-rcfy-uybg
15
vulnerability VCID-nacy-y1qt-5yhb
16
vulnerability VCID-pxwv-fhy9-ckfm
17
vulnerability VCID-rd4g-h1j9-23cb
18
vulnerability VCID-tcan-28ga-j3h1
19
vulnerability VCID-tp81-dw6e-9qah
20
vulnerability VCID-tpzm-u3qp-akc8
21
vulnerability VCID-vjrr-h9sh-3bcu
22
vulnerability VCID-wsv7-je8g-sqet
23
vulnerability VCID-xz7z-trbh-j7dk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.4
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6342
reference_id
reference_type
scores
0
value 0.002
scoring_system epss
scoring_elements 0.41996
published_at 2026-06-04T12:55:00Z
1
value 0.002
scoring_system epss
scoring_elements 0.4207
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6342
1
reference_url https://github.com/drupal/core/commit/bac9bde22bb545ff72570d8a46055c6c6e70e7c5
reference_id
reference_type
scores
url https://github.com/drupal/core/commit/bac9bde22bb545ff72570d8a46055c6c6e70e7c5
2
reference_url https://www.drupal.org/sa-core-2019-008
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2019-008
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6342
reference_id CVE-2019-6342
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-6342
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6342.yaml
reference_id CVE-2019-6342.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6342.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6342.yaml
reference_id CVE-2019-6342.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6342.yaml
6
reference_url https://github.com/advisories/GHSA-xq62-62c9-22mg
reference_id GHSA-xq62-62c9-22mg
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xq62-62c9-22mg
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 284
name Improper Access Control
description The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Exploits
Severity_range_score9.0 - 10.0
Exploitability0.5
Weighted_severity0.0
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-7ned-rdx5-fyc3