Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-49gh-wgmc-mfew

Summary information disclosure

Aliases

alias	CVE-2021-20180

alias	GHSA-fh5v-5f35-2rv2

Fixed_packages

url	pkg:alpm/archlinux/ansible@2.10.7-1
purl	pkg:alpm/archlinux/ansible@2.10.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ansible@2.10.7-1

url	pkg:deb/debian/ansible@2.10.7-1?distro=trixie
purl	pkg:deb/debian/ansible@2.10.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7-1%3Fdistro=trixie

url	pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ansible@14.0.0~a4%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/ansible@14.0.0~a4%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@14.0.0~a4%252Bdfsg-1%3Fdistro=trixie

url pkg:pypi/ansible@2.8.19

purl pkg:pypi/ansible@2.8.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3jxq-kxnz-6bfh

vulnerability	VCID-5mcc-gtrr-j3e4

vulnerability	VCID-95kg-bk3s-g7gx

vulnerability	VCID-b8cv-v25q-1kh3

vulnerability	VCID-enwa-2cfn-5uab

vulnerability	VCID-kgjy-7kdy-c3cg

vulnerability	VCID-m87b-eb5y-8ydf

vulnerability	VCID-qtt6-8kf8-1fbt

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19

url pkg:pypi/ansible@2.9.18

purl pkg:pypi/ansible@2.9.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3jxq-kxnz-6bfh

vulnerability	VCID-b8cv-v25q-1kh3

vulnerability	VCID-enwa-2cfn-5uab

vulnerability	VCID-kgjy-7kdy-c3cg

vulnerability	VCID-m87b-eb5y-8ydf

vulnerability	VCID-qtt6-8kf8-1fbt

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18

Affected_packages

url pkg:alpm/archlinux/ansible@2.10.5-1

purl pkg:alpm/archlinux/ansible@2.10.5-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-49gh-wgmc-mfew

vulnerability	VCID-5mcc-gtrr-j3e4

vulnerability	VCID-uvca-5e2n-pqew

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ansible@2.10.5-1

url pkg:pypi/ansible@2.8.0a1

purl pkg:pypi/ansible@2.8.0a1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3jxq-kxnz-6bfh

vulnerability	VCID-49gh-wgmc-mfew

vulnerability	VCID-5mcc-gtrr-j3e4

vulnerability	VCID-6smx-ju23-8qes

vulnerability	VCID-95kg-bk3s-g7gx

vulnerability	VCID-aq21-sp74-17gk

vulnerability	VCID-b8cv-v25q-1kh3

vulnerability	VCID-enwa-2cfn-5uab

vulnerability	VCID-gnq4-v5a7-m3ew

vulnerability	VCID-kgjy-7kdy-c3cg

vulnerability	VCID-m87b-eb5y-8ydf

vulnerability	VCID-mk3k-n9wn-q3ct

vulnerability	VCID-qtt6-8kf8-1fbt

vulnerability	VCID-rarq-tdjt-hff3

vulnerability	VCID-uvca-5e2n-pqew

vulnerability	VCID-xn7b-vz2e-6qdh

vulnerability	VCID-zcmk-4k97-kkd9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1

url pkg:pypi/ansible@2.9.0b1

purl pkg:pypi/ansible@2.9.0b1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3jxq-kxnz-6bfh

vulnerability	VCID-49gh-wgmc-mfew

vulnerability	VCID-5mcc-gtrr-j3e4

vulnerability	VCID-95kg-bk3s-g7gx

vulnerability	VCID-b8cv-v25q-1kh3

vulnerability	VCID-enwa-2cfn-5uab

vulnerability	VCID-kgjy-7kdy-c3cg

vulnerability	VCID-m87b-eb5y-8ydf

vulnerability	VCID-qtt6-8kf8-1fbt

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.0b1

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20180

reference_id

reference_type

scores

value	0.00038
scoring_system	epss
scoring_elements	0.11586
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20180

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1915808

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1915808

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/ansible/ansible

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible

reference_url

https://github.com/ansible/ansible/blob/v2.8.19/changelogs/CHANGELOG-v2.8.rst

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/blob/v2.8.19/changelogs/CHANGELOG-v2.8.rst

reference_url

https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst

reference_url

https://github.com/ansible/ansible/pull/73242

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/73242

reference_url

https://github.com/ansible/ansible/pull/73243

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/73243

reference_url

https://github.com/ansible/ansible/tree/v2.7.18/lib/ansible/modules/source_control

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/tree/v2.7.18/lib/ansible/modules/source_control

reference_url

https://github.com/ansible/ansible/tree/v2.8.0a1/lib/ansible/modules/source_control

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/tree/v2.8.0a1/lib/ansible/modules/source_control

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
reference_id	985753
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753

reference_url	https://security.archlinux.org/ASA-202102-9
reference_id	ASA-202102-9
reference_type
scores
url	https://security.archlinux.org/ASA-202102-9

reference_url

https://security.archlinux.org/AVG-1437

reference_id

AVG-1437

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1437

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20180

reference_id

CVE-2021-20180

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20180

reference_url

https://github.com/advisories/GHSA-fh5v-5f35-2rv2

reference_id

GHSA-fh5v-5f35-2rv2

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fh5v-5f35-2rv2

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	532
name	Insertion of Sensitive Information into Log File
description	Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-49gh-wgmc-mfew

Vulnerability Instance