Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-1kpm-7xc6-vbh4

Summary A vulnerability was determined in Wooey up to 0.13.2. The impacted element is the function add_or_update_script of the file wooey/api/scripts.py of the component API Endpoint. Executing a manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 0.13.3rc1 and 0.14.0 is sufficient to resolve this issue. This patch is called f7846fc0c323da8325422cab32623491757f1b88. The affected component should be upgraded.

Aliases

alias	CVE-2026-7142

alias	GHSA-w65c-cmxj-qrhm

Fixed_packages

url	pkg:pypi/wooey@0.13.3rc1
purl	pkg:pypi/wooey@0.13.3rc1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.13.3rc1

Affected_packages

url pkg:pypi/wooey@0.0.1

purl pkg:pypi/wooey@0.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.0.1

url pkg:pypi/wooey@0.0.2

purl pkg:pypi/wooey@0.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.0.2

url pkg:pypi/wooey@0.0.3

purl pkg:pypi/wooey@0.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.0.3

url pkg:pypi/wooey@0.0.4

purl pkg:pypi/wooey@0.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.0.4

url pkg:pypi/wooey@0.9.0

purl pkg:pypi/wooey@0.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.0

url pkg:pypi/wooey@0.9.1

purl pkg:pypi/wooey@0.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.1

url pkg:pypi/wooey@0.9.2

purl pkg:pypi/wooey@0.9.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.2

url pkg:pypi/wooey@0.9.3

purl pkg:pypi/wooey@0.9.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.3

url pkg:pypi/wooey@0.9.4

purl pkg:pypi/wooey@0.9.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.4

url pkg:pypi/wooey@0.9.5

purl pkg:pypi/wooey@0.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.5

url pkg:pypi/wooey@0.9.6

purl pkg:pypi/wooey@0.9.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.6

url pkg:pypi/wooey@0.9.8

purl pkg:pypi/wooey@0.9.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.8

url pkg:pypi/wooey@0.9.9

purl pkg:pypi/wooey@0.9.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.9

url pkg:pypi/wooey@0.9.10

purl pkg:pypi/wooey@0.9.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.10

url pkg:pypi/wooey@0.9.11

purl pkg:pypi/wooey@0.9.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.9.11

url pkg:pypi/wooey@0.10.dev0

purl pkg:pypi/wooey@0.10.dev0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.10.dev0

url pkg:pypi/wooey@0.10.0

purl pkg:pypi/wooey@0.10.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.10.0

url pkg:pypi/wooey@0.10.1

purl pkg:pypi/wooey@0.10.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.10.1

url pkg:pypi/wooey@0.11.0rc1

purl pkg:pypi/wooey@0.11.0rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.0rc1

url pkg:pypi/wooey@0.11.0rc2

purl pkg:pypi/wooey@0.11.0rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.0rc2

url pkg:pypi/wooey@0.11.0rc3

purl pkg:pypi/wooey@0.11.0rc3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.0rc3

url pkg:pypi/wooey@0.11.0

purl pkg:pypi/wooey@0.11.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.0

url pkg:pypi/wooey@0.11.1rc2

purl pkg:pypi/wooey@0.11.1rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.1rc2

url pkg:pypi/wooey@0.11.1rc3

purl pkg:pypi/wooey@0.11.1rc3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.1rc3

url pkg:pypi/wooey@0.11.1rc4

purl pkg:pypi/wooey@0.11.1rc4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.1rc4

url pkg:pypi/wooey@0.11.1rc5

purl pkg:pypi/wooey@0.11.1rc5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.1rc5

url pkg:pypi/wooey@0.11.1rc6

purl pkg:pypi/wooey@0.11.1rc6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.1rc6

url pkg:pypi/wooey@0.11.1rc7

purl pkg:pypi/wooey@0.11.1rc7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.1rc7

url pkg:pypi/wooey@0.11.1

purl pkg:pypi/wooey@0.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.11.1

url pkg:pypi/wooey@0.12.0rc1

purl pkg:pypi/wooey@0.12.0rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.12.0rc1

url pkg:pypi/wooey@0.12.0rc2

purl pkg:pypi/wooey@0.12.0rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.12.0rc2

url pkg:pypi/wooey@0.12.0rc3

purl pkg:pypi/wooey@0.12.0rc3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.12.0rc3

url pkg:pypi/wooey@0.12.0

purl pkg:pypi/wooey@0.12.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.12.0

url pkg:pypi/wooey@0.13.0

purl pkg:pypi/wooey@0.13.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.13.0

url pkg:pypi/wooey@0.13.1

purl pkg:pypi/wooey@0.13.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.13.1

url pkg:pypi/wooey@0.13.2rc1

purl pkg:pypi/wooey@0.13.2rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.13.2rc1

url pkg:pypi/wooey@0.13.2rc2

purl pkg:pypi/wooey@0.13.2rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.13.2rc2

url pkg:pypi/wooey@0.13.2rc3

purl pkg:pypi/wooey@0.13.2rc3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.13.2rc3

url pkg:pypi/wooey@0.13.2

purl pkg:pypi/wooey@0.13.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kpm-7xc6-vbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/wooey@0.13.2

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-7142

reference_id

reference_type

scores

value	0.00054
scoring_system	epss
scoring_elements	0.1716
published_at	2026-06-11T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17312
published_at	2026-06-14T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17338
published_at	2026-06-13T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17322
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-7142

reference_url

https://github.com/wooey/Wooey

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/wooey/Wooey

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-7142

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-7142

reference_url

https://vuldb.com/vuln/359741

reference_id

359741

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T19:37:14Z/

url

https://vuldb.com/vuln/359741

reference_url

https://github.com/wooey/Wooey/pull/407

reference_id

407

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T19:37:14Z/

url

https://github.com/wooey/Wooey/pull/407

reference_url

https://github.com/wooey/Wooey/issues/408

reference_id

408

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T19:37:14Z/

url

https://github.com/wooey/Wooey/issues/408

reference_url

https://vuldb.com/submit/801533

reference_id

801533

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T19:37:14Z/

url

https://vuldb.com/submit/801533

reference_url

https://vuldb.com/vuln/359741/cti

reference_id

cti

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T19:37:14Z/

url

https://vuldb.com/vuln/359741/cti

reference_url

https://github.com/wooey/Wooey/commit/f7846fc0c323da8325422cab32623491757f1b88

reference_id

f7846fc0c323da8325422cab32623491757f1b88

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T19:37:14Z/

url

https://github.com/wooey/Wooey/commit/f7846fc0c323da8325422cab32623491757f1b88

reference_url

https://github.com/advisories/GHSA-w65c-cmxj-qrhm

reference_id

GHSA-w65c-cmxj-qrhm

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w65c-cmxj-qrhm

reference_url

https://github.com/wooey/Wooey/releases/tag/v0.13.3rc1

reference_id

v0.13.3rc1

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T19:37:14Z/

url

https://github.com/wooey/Wooey/releases/tag/v0.13.3rc1

reference_url

https://github.com/wooey/Wooey/

reference_id

Wooey

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T19:37:14Z/

url

https://github.com/wooey/Wooey/

Weaknesses

cwe_id	266
name	Incorrect Privilege Assignment
description	A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

cwe_id	285
name	Improper Authorization
description	The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 0.1 - 6.5

Exploitability 0.5

Weighted_severity 5.9

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1kpm-7xc6-vbh4

Vulnerability Instance